URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Submission: On October 04 via manual from US — Scanned from DE

Summary

This website contacted 99 IPs in 13 countries across 79 domains to perform 379 HTTP transactions. The main IP is 2a02:26f0:6c00::210:baf2, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.newsmax.com. The Cisco Umbrella rank of the primary domain is 50077.
TLS certificate: Issued by R3 on September 8th 2022. Valid for: 3 months.
This is the only time www.newsmax.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
www.newsmax.com | R3 | 2022-09-08 - 2022-12-07 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.kaltura.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-04-24 - 2023-04-25 | a year
odc-addthis-prod-01.oracle.com | DigiCert SHA2 Secure Server CA | 2022-02-27 - 2023-02-28 | a year
*.beyondwords.io | E1 | 2022-10-04 - 2023-01-02 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.soapps.net | Sectigo RSA Organization Validation Secure Server CA | 2022-01-13 - 2023-01-22 | a year
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-20 - 2022-10-19 | a year
akstat.io | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-04-15 - 2023-04-19 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.scorecardresearch.com | Amazon | 2022-01-29 - 2023-02-27 | a year
www.googleadservices.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.quantserve.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-08-09 - 2023-09-09 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-07-14 - 2022-10-12 | 3 months
*.liadm.com | Amazon | 2022-01-31 - 2023-03-01 | a year
player.adtelligent.com | R3 | 2022-09-18 - 2022-12-17 | 3 months
www.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
www.google.de | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
qccerttest.com | Amazon | 2022-04-04 - 2023-05-03 | a year
ghb.adtelligent.com | ZeroSSL ECC Domain Secure Site CA | 2022-08-05 - 2022-11-03 | 3 months
moatads.com | DigiCert SHA2 Secure Server CA | 2021-11-27 - 2022-11-29 | a year
*.gstatic.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.google.de | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.instiengage.com | Sectigo RSA Organization Validation Secure Server CA | 2022-05-24 - 2023-05-24 | a year
a248.e.akamai.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-28 - 2023-06-30 | a year
*.doubleclick.net | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
newsmaxfeednetwork.com | Amazon | 2022-07-26 - 2023-08-24 | a year
*.targeting.unrulymedia.com | Sectigo RSA Domain Validation Secure Server CA | 2022-05-09 - 2023-05-09 | a year
*.lijit.com | Go Daddy Secure Certificate Authority - G2 | 2022-06-27 - 2023-06-05 | a year
*.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-08-27 - 2022-11-22 | 3 months
*.onetag-sys.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-01-10 - 2023-01-03 | a year
*.sharethrough.com | Amazon | 2022-07-14 - 2023-08-12 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2022-02-11 - 2023-03-14 | a year
*.go.sonobi.com | Go Daddy Secure Certificate Authority - G2 | 2021-12-08 - 2023-01-09 | a year
*.contextweb.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-07 - 2023-05-08 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-08 - 2023-04-04 | a year
*.openx.net | GeoTrust RSA CA 2018 | 2022-07-21 - 2023-08-21 | a year
*.pubmatic.com | DigiCert Baltimore TLS RSA SHA256 2020 CA1 | 2022-06-13 - 2023-07-14 | a year
syndication.twitter.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2022-03-31 - 2023-05-02 | a year
*.taboola.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-11-28 - 2022-12-29 | a year
assets.newsmaxwidget.com | R3 | 2022-09-18 - 2022-12-17 | 3 months
newsmaxwidget.com | Amazon | 2022-08-23 - 2023-09-21 | a year
*.sentry-cdn.com | GlobalSign Atlas R3 DV TLS CA 2022 Q3 | 2022-09-28 - 2023-10-30 | a year
revcontent.com | Amazon | 2022-06-16 - 2023-07-16 | a year
*.criteo.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-09-01 - 2022-11-30 | 3 months
oa.openxcdn.net | GTS CA 1D4 | 2022-08-09 - 2022-11-07 | 3 months
misc-sni.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.crwdcntrl.net | Go Daddy Secure Certificate Authority - G2 | 2022-05-01 - 2023-06-02 | a year
*.id5-sync.com | R3 | 2022-08-18 - 2022-11-16 | 3 months
san.casalemedia.com | GeoTrust RSA CA 2018 | 2021-12-12 - 2022-12-13 | a year
*.33across.com | Sectigo RSA Domain Validation Secure Server CA | 2022-09-06 - 2023-09-30 | a year
cdn.adnxs.com | GeoTrust TLS RSA CA G1 | 2022-03-11 - 2023-04-11 | a year
*.match.prod.bidr.io | Amazon | 2022-01-27 - 2023-02-25 | a year
*.ybp.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-06-14 - 2022-12-07 | 6 months
assets.revcontent.com | R3 | 2022-09-14 - 2022-12-13 | 3 months
images.newsmaxwidget.com | R3 | 2022-08-10 - 2022-11-08 | 3 months
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2022 Q2 | 2022-07-10 - 2023-08-11 | a year
ipapi.datazapp.com | R3 | 2022-10-01 - 2022-12-30 | 3 months
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-10 - 2023-02-10 | a year

This page contains 24 frames:

Primary Page: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Frame ID: 2E9B4199A607D2E1C1081BCD95DF7811
Requests: 291 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B99055CAAD6CD5E1DDB7BFC02D8BD756
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.536.0_en.html
Frame ID: B756A525B60D12DA40EF1B1FB1A6644A
Requests: 4 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 3B57F4ED708E8BDB4772FFD3E112143F
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 4764276F7CDB2B6F9A1B7DBFF869D05A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.newsmax.com
Frame ID: 4A5528B395A0DFF7BC77DE02B1764277
Requests: 2 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01gehtqt08742pagzsfxapn8vt&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 46F67B4AE6E7D7F419551556E32318F4
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D41BDCD0A9A4DC6476301CD977673B48
Requests: 1 HTTP requests in this frame

Frame: https://audio.beyondwords.io/e/5249085
Frame ID: A1CE2116FC2882FF79568B142ACAEF68
Requests: 11 HTTP requests in this frame

Frame: https://9f9f5662b2b94e850718fe9105522f7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FEFB646FB4B3B038267ADB0F48A75F95
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs
Frame ID: 278412EB3BEEE224C8D3F7C64D967E59
Requests: 12 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 62C8D19CEF4CABC56C279D76D42349D5
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C9DF2A2E120EE397628F494E2F604A4B
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=c-2cfImqCr7ikOaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined&gdpr=0
Frame ID: 87CEA11058A8A89AC464AE69B2DBAA97
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898&gdpr=0&gdpr_consent=
Frame ID: 776CF6A409F23B04951A22EC18925228
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Frame ID: 66159A31E13154D3EFBCB581EE55D6B4
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1664898297389&gdpr=0
Frame ID: 83453209C8E5E17D0F94B77FF08BF10D
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?reat=1
Frame ID: 47573D0461D06FFBD2ADF831FA8AA93E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: B6E1976AC5B17AC775D67DCD2F07878D
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D65FC6EEB6D8C2D37C75A610639DDD61
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: A021F9B8FA51A5E94C6B3EB912507C62
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.newsmax.com
Frame ID: 2F51B89875ADF433F3920B2191179DA9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 308A1D68A7818C5A923014F6BBB24AFB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A146F325D5483E8C7D8DDCBC450E3B1E
Requests: 2 HTTP requests in this frame

Page Title

US Defense Contractor Victimized by Ransomware Attack | Newsmax.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • /CMSPages/GetResource\.ashx

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

Requests: 379
HTTPS: 87 %
IPv6: 44 %
Domains: 79
Subdomains: 134
IPs: 99
Countries: 13
Transfer: 15619 kB
Size: 23537 kB
Cookies: 97

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://sb.scorecardresearch.com/cs/9248945/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 77
  • https://rp.liadm.com/j?dtstmp=1664898295930&aid=a-026z&se=e30&duid=cd49d5059397--01gehtqt08742pagzsfxapn8vt&tna=v2.5.0&pu=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&wpn=lc-bundle&c=PHRpdGxlPgoJVVMgRGVmZW5zZSBDb250cmFjdG9yIFZpY3RpbWl6ZWQgYnkgUmFuc29td2FyZSBBdHRhY2sgfCBOZXdzbWF4LmNvbQo8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBbiBpbmZvcm1hdGlvbiB0ZWNobm9sb2d5IGNvbXBhbnkgdGhhdCBzdXBwb3J0cyBVLlMuIGRlZmVuc2UgYW5kIGludGVsbGlnZW5jZSBhcHBhcmVudGx5IHdhcyB2aWN0aW1pemVkIGJ5IGEgcmFuc29td2FyZSBhdHRhY2suIj4 HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1664898295930&aid=a-026z&se=e30&duid=cd49d5059397--01gehtqt08742pagzsfxapn8vt&tna=v2.5.0&pu=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&wpn=lc-bundle&c=PHRpdGxlPgoJVVMgRGVmZW5zZSBDb250cmFjdG9yIFZpY3RpbWl6ZWQgYnkgUmFuc29td2FyZSBBdHRhY2sgfCBOZXdzbWF4LmNvbQo8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBbiBpbmZvcm1hdGlvbiB0ZWNobm9sb2d5IGNvbXBhbnkgdGhhdCBzdXBwb3J0cyBVLlMuIGRlZmVuc2UgYW5kIGludGVsbGlnZW5jZSBhcHBhcmVudGx5IHdhcyB2aWN0aW1pemVkIGJ5IGEgcmFuc29td2FyZSBhdHRhY2suIj4&i6=MmEwMTo0YTA6MTMzODo5Mjo6NQ%3D%3D&n3pc=true
Request Chain 130
  • https://app.beyondwords.io/api/v2/projects/15943/podcasts/iframe.html HTTP 302
  • https://audio.beyondwords.io/r/15943
Request Chain 197
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-026z%2F0%2Fe23df4aec54a4aa6b1c3dcb70cb51c68%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&74bf5089-c857-4ee3-a063-367df98f551d HTTP 302
  • https://i.liadm.com/s/e/a-026z/0/e23df4aec54a4aa6b1c3dcb70cb51c68?mpid=7156&muid=8765633c-54f9-4200-8159-6c977aa79157
Request Chain 199
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=74bf5089-c857-4ee3-a063-367df98f551d&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=74bf5089-c857-4ee3-a063-367df98f551d&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=85c593c9-995f-4c2c-8115-084123a5db38 HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=74bf5089-c857-4ee3-a063-367df98f551d HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=liveintent&bsw_param=85c593c9-995f-4c2c-8115-084123a5db38&google_hm=ODVjNTkzYzktOTk1Zi00YzJjLTgxMTUtMDg0MTIzYTVkYjM4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKtjVAL75Z0Oge4jYXAB_TU&google_cver=1&ssp=liveintent&bsw_param=85c593c9-995f-4c2c-8115-084123a5db38 HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=85c593c9-995f-4c2c-8115-084123a5db38
Request Chain 200
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=74bf5089-c857-4ee3-a063-367df98f551d&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-026z%2F0%2Fe23df4aec54a4aa6b1c3dcb70cb51c68%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=74bf5089-c857-4ee3-a063-367df98f551d&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-026z%2F0%2Fe23df4aec54a4aa6b1c3dcb70cb51c68%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
  • https://i.liadm.com/s/e/a-026z/0/e23df4aec54a4aa6b1c3dcb70cb51c68?mpid=82775&muid=56430450375790623322768703582299557563
Request Chain 201
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=74bf5089-c857-4ee3-a063-367df98f551d HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=74bf5089-c857-4ee3-a063-367df98f551d&rd=Y
Request Chain 203
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid= HTTP 303
  • https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Request Chain 288
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.newsmax.com%2F&domain=www.newsmax.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=VnGRgHw3TzVDckJwcmR4VnAvaURCZmh5QUVkVDJrRlJySXlIaHBqcUJ5YjFvS3BGUlRHZm9DLys5RjkvdWloS0l3MC91M3oyZkR3UVBIQThZcHBXb2NvMjBHanZpTzlaNmxFWUtGK3FoYW9BYVowT3g3ZFA3UHkyQU1LWnY1aGk0dENYVnlUeDl1U3B3MTFtSURYOEplcVZjUlRDS2ZCYkQyWWQrc2tORzdzS2NHSWRwNGh5YzdKSEhMN1N3QlgzUkxBRTVLK1ZWRTI0UnBpNkdOaFNIdzRiQ045Rm02enZwY1NvN2RwcXhNOEpZaU8raWVPeUI3b005allXTENnbzlYYllqfA&cppv=2
Request Chain 292
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 300
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.newsmax.com%2F&domain=www.newsmax.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=cySoKnxFNmtZSlUxMXZLNDd2QVdIcnJ6TEFzYThUTkZLNVdzU1dEdWtoWWVaTUFWZjBidmFWTWJNeUlIY0pXZ3NMSmUyb1U0ZUhVNUxZbHBmMWgvQXNZTW55SStYQ2VKMll3UXBjUy9nVjdDWW5UZi9iWlNPVFpuZ1VFeXErZHdBMmloN1VmVDRzeE53WmFUc2tEb2xHUENnRWx5YmpkWEVGejdEK0lwSHlvNm44WkFuSzVLNHFCMHFtdmxvWFh5WDN2VVE4ME9XTUlYcUpoL0lQc2dJMEVka0wzTHJZOHZpMVkwKzlRN3RnQW9mVG8wTnhGeUZPNC9BRVVrRnJoQWQxbjZifA&cppv=2
Request Chain 307
  • https://bh.contextweb.com/visitormatch HTTP 302
  • https://bh.contextweb.com/visitormatch?reat=1
Request Chain 310
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=85c593c9-995f-4c2c-8115-084123a5db38 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=85c593c9-995f-4c2c-8115-084123a5db38 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=e56cce14-5d30-46fb-9b86-eab3d073ef9d&ssp=sonobi&expires=30&user_group=5&bsw_param=85c593c9-995f-4c2c-8115-084123a5db38 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=85c593c9-995f-4c2c-8115-084123a5db38
Request Chain 311
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5131077722748813356
Request Chain 313
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=YmRjYzFkZTQtZWY3Yi00NmRlLTk3NGUtMGU3NjQ2ZGFkODdj HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEJZilfM-J8pEs51SMkaXDUU&google_cver=1
Request Chain 314
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=8765633c-54f9-4200-8159-6c977aa79157
Request Chain 315
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=bdcc1de4-ef7b-46de-974e-0e7646dad87c&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=NU5jRGw5R0pzbzdHV0ZhcThKdWNHdw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEGvXA2DOJh44Q_qetVlqUp0&google_cver=1
Request Chain 319
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=8hukU1S61OFK6q5
Request Chain 320
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=openx&g=1&gdpr_pd=&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=85c593c9-995f-4c2c-8115-084123a5db38&gdpr=&gdpr_consent=
Request Chain 321
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7625102834525118574
Request Chain 323
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8765633c-54f9-4200-8159-6c977aa79157
Request Chain 324
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=mGuVyptswJGDaZadn2CLnJdukJmDO5WemTo47E9z
Request Chain 325
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6050012896084310550
Request Chain 328
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBD2mwPW5uWHvr8zpU27650&google_cver=1
Request Chain 331
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 334
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhVREdLMFQtNi1HN1RG&gdpr=0
Request Chain 335
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTQ5ZmQyMjc2YzU1NWEwYmYyM2UxODYxYzY0NGFmNGVmZGViZTZiZg&gdpr=0
Request Chain 336
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VdCLdmtoSqa4b78JzajL5Q&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VdCLdmtoSqa4b78JzajL5Q&gdpr=0
Request Chain 337
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOzrKpYz4D69G9gi9pjCb1Y&google_cver=1
Request Chain 338
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/VmlxOSUD3Am7y6Z80b4o2A?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4650119976996290186
Request Chain 339
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8UDGK0T-6-G7TF&gdpr=0
Request Chain 340
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=PiC2Y13gTm-KIb7w3PHcMA&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=PiC2Y13gTm-KIb7w3PHcMA&gdpr=0
Request Chain 343
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzxU_1Hzo3HI_aHYprnZPgAABKoAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMZ9xvtrqQcOX2ipkukGus8&google_cver=1
Request Chain 344
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzxU_1Hzo3HI_aHYprnZPgAABKoAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzxU_1Hzo3HI_aHYprnZPgAABKoAAAAB&dcc=t
Request Chain 345
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YzxU-1Hzo3HI-aHYprnZPgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHI-f9wLpn8zn0Lrn3K0DEk&google_cver=1
Request Chain 347
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1664984703
Request Chain 348
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 349
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7625102834525118574
Request Chain 378
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=newsmax.com&sn=ChromeSyncframe&so=3&topUrl=www.newsmax.com&bundle=jM9SOF82TEk4T2dKaUJsRVl3SEg3dTl5T1FRNEtkWHU1U3dWRk4yMEpqVkUlMkJNQXJyTiUyRk56V3Faa3J2a21MS2pPM0puV2Z6bzhGcjIzQVpUblQ2SnBQdWVNemxRQzVSd0hUZEhqRmdMY2ZqWkZnd2ZXRGR0bFpseHNna0NtYVJMd0ElMkIwcw&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=jIakrXxKemJNMHZ6YkNjOUNweitNRDVwdWZ2RDN2Vjl6N0RRb1ZnMGRmVnMzN0tleCtCcTlMVU0zNlVLNSt1K1dZRkk2MWxpR2RYKytMS1dUeVY2M25jRk95TXUxNmowZE5Cdk9HUHV2V1o0Y2Fad3NvOHJadDZqZnVGck93QkZRcGNVM2tsREdkTG1CUmZpRE9yM0NhYnAxNDNFQktRV2VPcWRqZUExTU1LSnpvM05nM2cvZStQb1RsWU1RcXFQTURHQ2pEdnFoaCtLcDBSTGhkRVNZUU1vT3B6bmRtRktIZitNWSs0QW1kQWhlTjNNZHBTZzNFaHNma3ZzS2t3UEI0eXZWY3pBdithM3FCWjF5Zm9pK3RHOFV2Q3FLRHg2Zmd2UXVhVzc3Nmg2aW4rcz18&cppv=2
Request Chain 382
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pksvhtta2 HTTP 302
  • https://kd7qo3accjhy2yz4kuba-pksvht-85d194614-clientnsv4-s.akamaihd.net/eum/results.txt
Request Chain 383
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pksvhtta2 HTTP 302
  • https://fiaqjiathaajekqce3ydkaaaczrtyvic-pksvht-5c5c39505-clienttons-s.akamaihd.net/eum/results.txt

379 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
204 KB
48 KB
Document
General
Full URL
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
19d31d275a88cdb10cc90070d7605d601ce49b461d0af05ed4135328066376c0
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 04 Oct 2022 15:44:54 GMT
expires
Tue, 04 Oct 2022 15:44:54 GMT
link
<https://cdnjs.cloudflare.com>;rel="preconnect",<https://www.queryly.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://b-code.liadm.com>;rel="preconnect",<https://www.googletagservices.com>;rel="preconnect",<https://platform.twitter.com>;rel="preconnect",<https://securepubads.g.doubleclick.net>;rel="preconnect",<https://sb.scorecardresearch.com>;rel="preconnect"
pragma
no-cache
server
Microsoft-IIS/10.0
server-timing
cdn-cache; desc=REVALIDATE edge; dur=258 origin; dur=2059
strict-transport-security
max-age=0
vary
Accept-Encoding
x-akamai-transformed
9 69952 0 pmb=mTOE,4mRUM,2
x-aspnet-version
4.0.30319
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-ua-compatible
IE=Edge IE=edge
GetResource.ashx
www.newsmax.com/CMSPages/
0
380 B
Stylesheet
General
Full URL
https://www.newsmax.com/CMSPages/GetResource.ashx?stylesheetname=Empty
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
date
Tue, 04 Oct 2022 15:44:55 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
attachment; filename="Empty.css"
server-timing
cdn-cache; desc=HIT, edge; dur=50
content-length
0
x-ua-compatible
IE=edge
last-modified
Wed, 03 Aug 2022 18:58:40 GMT
server
Microsoft-IIS/10.0
etag
"cssstylesheet|1537f138-8154-43b1-9ffb-c35a6dda086c"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, must-revalidate, max-age=0
expires
Tue, 04 Oct 2022 15:44:55 GMT
newsmax.min.css
www.newsmax.com/css/
238 KB
34 KB
Stylesheet
General
Full URL
https://www.newsmax.com/css/newsmax.min.css
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
824f4ca1a4d8e5d1bf711ba3923cf38a75916abb6e0af5e1e137852c108b7e83
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
date
Tue, 04 Oct 2022 15:44:54 GMT
last-modified
Thu, 01 Sep 2022 16:30:06 GMT
server
Akamai Resource Optimizer
etag
"6804aa0ebed81:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=478204
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
34839
x-ua-compatible
IE=edge
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1952178
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovWs9u0T%2FfcQdn44qltkTj2AqvnpNo8kCzra4Vcm14%2F5XD7F3WAZm2H8NV0mjqZNjE9QE3UNZg3hHo1ls%2FpcciF3jaFe7iFyizJiUQKVgztXMB6a6ssAJhDyu0zJkjGpSvBU8d%2BTvrlitvAwPeByI2Bz"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
754f0aa7e85d9b1f-FRA
expires
Sun, 24 Sep 2023 15:44:55 GMT
jquery-3.2.1.min.js
www.newsmax.com/js/
85 KB
27 KB
Script
General
Full URL
https://www.newsmax.com/js/jquery-3.2.1.min.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Sat, 24 Sep 2022 00:15:27 GMT
server
Akamai Resource Optimizer
etag
"01f232a537dd51:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=229344
server-timing
cdn-cache; desc=HIT, edge; dur=6
accept-ranges
bytes
content-length
27226
x-ua-compatible
IE=edge
jquery-migrate-3.0.0.min.js
www.newsmax.com/js/
7 KB
3 KB
Script
General
Full URL
https://www.newsmax.com/js/jquery-migrate-3.0.0.min.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
a44b5727bd453959ba8f2ae37fd2359272b730ada09e80fb2a5bbffd086ef075
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Thu, 22 Sep 2022 03:53:57 GMT
server
Akamai Resource Optimizer
etag
"01f232a537dd51:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=69650
server-timing
cdn-cache; desc=HIT, edge; dur=9
accept-ranges
bytes
content-length
2378
x-ua-compatible
IE=edge
jquery-ui-1.12.1.min.js
www.newsmax.com/js/
248 KB
56 KB
Script
General
Full URL
https://www.newsmax.com/js/jquery-ui-1.12.1.min.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
21cacca8e9eb98f1f32702b4176685f2f941af51ab5bc7cf88ccb5435a1bb080
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Thu, 22 Sep 2022 08:03:05 GMT
server
Akamai Resource Optimizer
etag
"01f232a537dd51:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84738
server-timing
cdn-cache; desc=HIT, edge; dur=2
accept-ranges
bytes
content-length
57146
x-ua-compatible
IE=edge
SponsoredHeadline.js
www.newsmax.com/js/
3 KB
1 KB
Script
General
Full URL
https://www.newsmax.com/js/SponsoredHeadline.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
fd7b76263428d15a209bea5abba0c2c72b29cc6e84337eda19de82bc61d1a8e6
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Fri, 23 Sep 2022 12:25:04 GMT
server
Akamai Resource Optimizer
etag
"ccebc19780bbd71:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=191700
server-timing
cdn-cache; desc=HIT, edge; dur=8
accept-ranges
bytes
content-length
845
x-ua-compatible
IE=edge
jquery.cookie.js
www.newsmax.com/CMSScripts/jquery/
3 KB
1 KB
Script
General
Full URL
https://www.newsmax.com/CMSScripts/jquery/jquery.cookie.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
afd6a5f6de40e9e67b55ff6afec66fff4827e775c996ab80c9e964a872a92523
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Sun, 25 Sep 2022 14:30:22 GMT
server
Akamai Resource Optimizer
etag
"0c5c027537dd51:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=367054
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
1131
x-ua-compatible
IE=edge
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/
57 KB
17 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
10175858
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16919
last-modified
Tue, 06 Oct 2020 12:01:40 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7c5ca4-e5ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFhaVPGUJ9%2Bt3vLDmZVVarPLe0WZmsQDmOtGL8gjMJpxz6PlZihHD0iW3%2FEZP0hHkXWax%2B1%2F6YVVP%2Bm3lUCpyl0KuOVpFfifmJivA7H0Xr%2BQH1yeoxmod%2Bnl8ZUgzWalD7GvHf1Vow5iLqKC7Fwj76mn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
754f0aa7e87b9b1f-FRA
expires
Sun, 24 Sep 2023 15:44:55 GMT
HeaderScripts.js
www.newsmax.com/CMSScripts/Newsmax/
8 KB
2 KB
Script
General
Full URL
https://www.newsmax.com/CMSScripts/Newsmax/HeaderScripts.js?v=1.0
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
2f0dd8ca4aa9fb6b68aee8d9ec46d7c9a89c094c0c33d1c96158130e7a28440f
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Sat, 24 Sep 2022 14:39:07 GMT
server
Akamai Resource Optimizer
etag
"6c8f7fd76691d81:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=281294
server-timing
cdn-cache; desc=HIT, edge; dur=16
accept-ranges
bytes
content-length
2205
x-ua-compatible
IE=edge
gpt.js
www.googletagservices.com/tag/js/
80 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c20e6b0166821617ea4fcb6b69e914a7d518211f04ec07adea24244bf5e1b972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27730
x-xss-protection
0
server
sffe
etag
"1353 / 569 of 1000 / last-modified: 1664881750"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Oct 2022 15:44:55 GMT
jquery.colorbox-min.js
www.newsmax.com/CMSScripts/Newsmax/
12 KB
4 KB
Script
General
Full URL
https://www.newsmax.com/CMSScripts/Newsmax/jquery.colorbox-min.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
4cc3aa296e490c4345a5746b895a922cdead09f111a80b38a2d2ca97f19ab634
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Thu, 22 Sep 2022 11:01:42 GMT
server
Akamai Resource Optimizer
etag
"0c5c027537dd51:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=95281
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
4199
x-ua-compatible
IE=edge
slick.min.js
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/
43 KB
10 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1702477
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9564
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-ab69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P06NDAAg6sYhpdy2FEmNL79%2FkXerPkehKeiomo4sjV7wulvryV6yHwl7uRWgJ6Y6C6BLvrSwMeEPr6VlW2Ce3yP8nNIlxSgdNoB%2BQxa3lYwnfP4KEGO73vNszfKo0vvuA9cDgxyL3G%2BzBAXMKTXcAXuz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
754f0aa7e87d9b1f-FRA
expires
Sun, 24 Sep 2023 15:44:55 GMT
slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/
2 KB
983 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7748245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
657
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-956"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEGBb05JmJ8TgHI6%2FhjyYE%2FAPv0DGhaEC1jp021mlyfs470pW9gNnr%2F4%2FJOG33EaPa%2F%2BR4iMIHx%2BfXwcmYRsd2lj4exQc%2FZrj2864ZKFLPvLreSJxEYSSTWmF5i3vleJcC90jfIyj32NK2nsC%2BIeXPvv"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
754f0aa7e8609b1f-FRA
expires
Sun, 24 Sep 2023 15:44:55 GMT
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/
1 KB
811 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3626481
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
394
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-559"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Za0RtaAzsWG0f7xZJKeJ8L6aaKmlR5zfXM7kgEsEgu5Zk5RNzrh2r%2FrzEmOW2fpiaqIVhiRbM%2BDMqoshVlHrLQLTBhj8IANnELaFJOAKAf5l5JDJbV6tjZCnrqB%2B%2Fk7GfO7JZnFtLRDtkX%2BSdUrT%2FoKF"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
754f0aa7e8769b1f-FRA
expires
Sun, 24 Sep 2023 15:44:55 GMT
pub-2932230807573228
fundingchoicesmessages.google.com/i/
105 KB
37 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/pub-2932230807573228?ers=1
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2a34841d1941f0a3454b742dbca6c1b64d016cade03ef874351174c3106ed02a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QmzaflBww6CHczlNcXbt_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
content-security-policy
script-src 'report-sample' 'nonce-QmzaflBww6CHczlNcXbt_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
analytics.js
www.newsmax.com/js/
4 KB
1 KB
Script
General
Full URL
https://www.newsmax.com/js/analytics.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
aca9e5a67f06ff68ac7ced2031ef234afd2f20010451a904f25b8d4fcbfb04f8
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Tue, 20 Sep 2022 16:37:35 GMT
server
Akamai Resource Optimizer
etag
"01f232a537dd51:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=194157
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
869
x-ua-compatible
IE=edge
de49d3a
www.newsmax.com/akam/13/
26 KB
9 KB
Script
General
Full URL
https://www.newsmax.com/akam/13/de49d3a
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
10106eb543cd1349e7732ef270142d580f88b77107e2e55daeef673aaaa648f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 15:11:29 GMT
etag
"b786a4118715a52a968da1618c9ffff916e75359d5774bc3768ef58556922c43"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
server-timing
cdn-cache; desc=HIT, edge; dur=62
content-length
8792
expires
Tue, 04 Oct 2022 15:44:55 GMT
WebResource.axd
www.newsmax.com/
23 KB
6 KB
Script
General
Full URL
https://www.newsmax.com/WebResource.axd?d=ajj-54hEFw_9s8vUhC7aqiqIMz0pNh5t4_SU2ofVsVwummsDI5FJiI5GycwOyKPz2gszbuHXhWsBOxBmW8C9TcQBcJ41&t=637811549229275428
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
gzip
date
Tue, 04 Oct 2022 15:44:55 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
6190
x-ua-compatible
IE=edge
last-modified
Fri, 19 Nov 2021 23:47:03 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=19022793
expires
Fri, 12 May 2023 19:51:28 GMT
ScriptResource.axd
www.newsmax.com/
100 KB
34 KB
Script
General
Full URL
https://www.newsmax.com/ScriptResource.axd?d=loHavPNe5-_O6-V3CpmHjIdMuSiXtcpWnzKoZD-UT8JxRi8UwWlnQEWIm_xcEZefPXVTHWQVkrAwyQS5K6tYoAzkJ1emGBD02Q1-XF_Wkm8MAoqsOJaC48nXex3lIrasiamatjcOgjyDKLfqTq2xRqsscLw1&t=ffffffffaa493ab8
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
gzip
date
Tue, 04 Oct 2022 15:44:55 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
34415
x-ua-compatible
IE=edge
last-modified
Thu, 12 May 2022 19:52:53 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=19022878
expires
Fri, 12 May 2023 19:52:53 GMT
ScriptResource.axd
www.newsmax.com/
39 KB
14 KB
Script
General
Full URL
https://www.newsmax.com/ScriptResource.axd?d=ZdTB-9wgzkd9MabCDj2_sb4StvrEu3LYOwvQ0ovmO7RIA8MWwIA06RJTjeOr04VT2W6gvKbcIGnaVcB4YCVNs7UBEyicwrJOogQaVis9iLBEtOOhRy7hM4660Qd2GT-FSNcpu2pEX72vVsVfVTR3eSQV2jYblFlPZ-AzoBtrh_Obe_2_0&t=ffffffffaa493ab8
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
gzip
date
Tue, 04 Oct 2022 15:44:55 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-length
13475
x-ua-compatible
IE=edge
last-modified
Thu, 12 May 2022 19:52:53 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=19022878
expires
Fri, 12 May 2023 19:52:53 GMT
livevalidation_standalone.compressed.js
www.newsmax.com/CMSScripts/Newsmax/
12 KB
3 KB
Script
General
Full URL
https://www.newsmax.com/CMSScripts/Newsmax/livevalidation_standalone.compressed.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
2cb0b567a460d1ad8cda6eb7df264e6070ff50f9cc54548b81b07ab44671aa9e
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Mon, 19 Sep 2022 19:12:33 GMT
server
Akamai Resource Optimizer
etag
"0c5c027537dd51:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=418518
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
3082
x-ua-compatible
IE=edge
ads.adblock.js
www.newsmax.com/js/
85 B
374 B
Script
General
Full URL
https://www.newsmax.com/js/ads.adblock.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
bcac3bf87fa15538baecc11175568cd47945a0f3ea3c91d23daafe6423b56983
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Tue, 20 Sep 2022 14:14:43 GMT
server
Akamai Resource Optimizer
etag
"01f232a537dd51:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=217824
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
76
x-ua-compatible
IE=edge
whitesearchicon.png
www.queryly.com/images/
2 KB
3 KB
Image
General
Full URL
https://www.queryly.com/images/whitesearchicon.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6bc30e75c37bf18ef1ab4c691fa3cb3e8733f6c33bdd18d76e7c08c6d86040ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3958
x-powered-by
ASP.NET
content-length
2423
last-modified
Wed, 22 Apr 2020 02:43:06 GMT
server
cloudflare
etag
"d8c5c3c04f18d61:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAB1X8o4MofZXNP0kZxkiIIWW6mAUPFcA48nSie%2Bh9bLsFS98FCCIJuaQ4RtBwORTxxL3cmNi%2BtJ51ztSVCcztJIdHQoXmZs2vi%2FaH4cOBoCVW%2BnElP4oLHeZUH786fxcXWnmKWcWyB2xi6o8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
754f0aaa69eabbaf-FRA
access-control-allow-headers
*
queryly.v4.js
www.queryly.com/js/
46 KB
10 KB
Script
General
Full URL
https://www.queryly.com/js/queryly.v4.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3db1711b708e98ad42b7764a019342259e8c5c8fd4d4602fadd8e28b69f0200a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3968
x-powered-by
ASP.NET
last-modified
Thu, 11 Aug 2022 16:00:33 GMT
server
cloudflare
etag
W/"80a6a27c9badd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2ByBHRj2DS7dmmcY%2FO3jvAo8BMtfeuZ4JrVgek0Epxyt1ktym%2B8p4GgF%2FrE2O3VbkVs%2F%2F6R%2FZN2Ql%2BnsVfy0sNy49R2%2Fumd3%2BRjBZ6FK0tn%2B0UqQwMmC1qbRQ77QKOI3M%2BBCKkZnc2h7Eu9wYg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
754f0aaa69e5bbaf-FRA
access-control-allow-headers
*
46496733
cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/
2 MB
530 KB
Script
General
Full URL
https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:586::10fe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Kaltura /
Resource Hash
8cb4f12bc20ae277a273d230c8d2e3f2317fa0e529e69d02419523bca097d7e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-me
ny-nvp1-fapi-c444
date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
gzip
x-proxy-me
nvp1-front-proxy-blue-75b6988ddf-ffh2n
x-kaltura-session
476952818, 1664898295
pragma
no-cache
last-modified
Mon, 03 Oct 2022 17:25:38 GMT
server
Kaltura
x-proxy-session
13da15cbbd25ff042368119cd9fbd31f
etag
8eb2b844f9d040f7c5849ff42b332120
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=600
x-robots-tag
noindex
expires
Tue, 04 Oct 2022 15:54:55 GMT
addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
x-host
s7.addthis.com
content-length
116423
iframe-helper.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@latest/dist/module/
22 KB
8 KB
Script
General
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@latest/dist/module/iframe-helper.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c12140b4473f394cc528bb35f79e33d7c0fc900303ed5c207166516d6b60ece3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
68220
x-jsd-version
0.0.6-rc11
via
1.1 vegur
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
content-length
7909
x-served-by
cache-fra19182-FRA, cache-cdg20761-CDG
x-jsd-version-type
version
server
cloudflare
etag
W/"59fb-ZwpK9WFGJwnsVrnqJgHi0uRqo4E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMs6lux6QLd%2F%2FKeKkz79jbDrSoNS1GSNRlwRyMGgdxpP0zpjZcK4I8Jf1Kb8IRMIkTQPffPHRhmGO55y5YxPLp%2Bfnzl335yKdm61zlJv0be07mRWyhP3V9Zt2AgKbcMa%2BK4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cf-ray
754f0aaa691c9b9b-FRA
expires
Tue, 11 Oct 2022 15:44:55 GMT
tooltipCloseButton.png
www.newsmax.com/App_Themes/NewsmaxNew/images/
291 B
574 B
Image
General
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/tooltipCloseButton.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
792841a32ebf331ee6adcf3f7714ae9cca8cdf615fea08bee8f13d8a83dd8688

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Thu, 20 Jan 2022 15:39:27 GMT
server
Akamai Image Manager
x-serial
1769
x-check-cacheable
YES
etag
"03e2d24537dd51:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=53792
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
291
expires
Wed, 05 Oct 2022 06:41:27 GMT
GetFile.aspx
www.newsmax.com/CMSPages/
7 KB
7 KB
Image
General
Full URL
https://www.newsmax.com/CMSPages/GetFile.aspx?guid=25a4d158-5565-41c8-9b8a-e77aec498488&maxsidesize=120&SiteName=Newsmax
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
f6a2b5f7cf6d33103d9d709f419b0b9dd5bedb24b7bbf81f5d7d5676a57bf620

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Fri, 30 Sep 2022 12:16:44 GMT
server
Akamai Image Manager
etag
"en-us|25a4d158-5565-41c8-9b8a-e77aec498488|9/29/2022 2:14:05 PM|LiveSite"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
private, no-transform, max-age=43200
server-timing
cdn-cache; desc=HIT, edge; dur=97
content-length
6940
expires
Wed, 05 Oct 2022 03:44:55 GMT
css2
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c44af787f51e875d3ecc44f5bb1989fce5aeeaa1a48cc0851aec4344b5e6d73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 14:20:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Oct 2022 15:44:55 GMT
nm-logo-sq.gif
www.newsmax.com/App_Themes/Newsmax/images/
1 KB
1 KB
Image
General
Full URL
https://www.newsmax.com/App_Themes/Newsmax/images/nm-logo-sq.gif
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e7ddb6a0e855c5e9ec7b21b5bddab044922ba7d768781a19466fd09eaf2547dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Wed, 11 May 2022 17:56:11 GMT
server
Akamai Image Manager
etag
"d865ca24a160d81:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=526516
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1077
expires
Mon, 10 Oct 2022 18:00:11 GMT
oauthclient.js
www.newsmax.com/js/sso/
3 KB
989 B
Script
General
Full URL
https://www.newsmax.com/js/sso/oauthclient.js?v=1.5
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
3b57856220502463404208797101b5694691dd36e30354f5ff57bc144fd611d9
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Sat, 01 Oct 2022 09:14:05 GMT
server
Akamai Resource Optimizer
etag
"44ed282630abd81:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=322081
server-timing
cdn-cache; desc=HIT, edge; dur=9
accept-ranges
bytes
content-length
689
x-ua-compatible
IE=edge
bundle.js
soapps.net/live/loader/
20 KB
9 KB
Script
General
Full URL
https://soapps.net/live/loader/bundle.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.160.11.30 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-11-30.compute-1.amazonaws.com
Software
/
Resource Hash
3988f57751937ac8f5ceb338d62672d4f6ae1b8dfdbb969c651adf3184ef830d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:55 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
Last-Modified
Tue, 23 Aug 2022 11:25:56 GMT
ETag
W/"6304b944-50f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=300
Connection
keep-alive
jQuery.signup.js
www.newsmax.com/CMSScripts/Newsmax/
17 KB
4 KB
Script
General
Full URL
https://www.newsmax.com/CMSScripts/Newsmax/jQuery.signup.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
fedbb98e0dadd4964896ee19251fbab829fcfb84fd7710ee7a56d5e87a7ac914
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Mon, 26 Sep 2022 04:24:36 GMT
server
Akamai Resource Optimizer
etag
"961fd2d61083d71:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=417164
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
4037
x-ua-compatible
IE=edge
SMS-Banner-300x600-v2.jpg
www.newsmax.com/App_Themes/NewsmaxNew/images/
42 KB
43 KB
Image
General
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/SMS-Banner-300x600-v2.jpg
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
90fb6f285e623bb5acd728f0422f99bc79c9f405374034703045cbd837c3349c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Sat, 13 Aug 2022 20:57:35 GMT
server
Akamai Image Manager
x-serial
564
x-check-cacheable
YES
etag
"01cebc8451d81:0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
private, no-transform, max-age=283621
server-timing
cdn-cache; desc=HIT, edge; dur=35
content-length
43487
expires
Fri, 07 Oct 2022 22:31:56 GMT
jQuery.articleDFP.js
www.newsmax.com/CMSScripts/Newsmax/
9 KB
2 KB
Script
General
Full URL
https://www.newsmax.com/CMSScripts/Newsmax/jQuery.articleDFP.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
32c7487cc816da6071ed8bbf4e16a231480f3e00b627e298b1324f8a440b9908
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Tue, 27 Sep 2022 06:00:01 GMT
server
Akamai Resource Optimizer
etag
"56787cbb8663d71:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=378217
server-timing
cdn-cache; desc=HIT, edge; dur=8
accept-ranges
bytes
content-length
2160
x-ua-compatible
IE=edge
jQuery.articleEcomms.js
www.newsmax.com/CMSScripts/Newsmax/
4 KB
1 KB
Script
General
Full URL
https://www.newsmax.com/CMSScripts/Newsmax/jQuery.articleEcomms.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
9ce5e5b6c6ceb76402d5d13a15ff17223de24c484c2f2efe7cdbee4ac0eab96e
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Tue, 27 Sep 2022 03:06:58 GMT
server
Akamai Resource Optimizer
etag
"c44ad0e6fb91d81:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=498915
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
1001
x-ua-compatible
IE=edge
jQuery.article.js
www.newsmax.com/CMSScripts/Newsmax/
15 KB
4 KB
Script
General
Full URL
https://www.newsmax.com/CMSScripts/Newsmax/jQuery.article.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
b96868ee0f8c549224fc5b618409007b1cb3a9d1c6632a44cbb85eb809e0ff69
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Tue, 20 Sep 2022 22:09:07 GMT
server
Akamai Resource Optimizer
etag
"656f045d2f1d71:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=137901
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
3979
x-ua-compatible
IE=edge
jquery.zclip.js
www.newsmax.com/CMSScripts/Newsmax/
16 KB
4 KB
Script
General
Full URL
https://www.newsmax.com/CMSScripts/Newsmax/jquery.zclip.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
c25a41beadb5afc68a4c4b2b1e94143ae0b6db7d3745640f4d55a62c2851e133
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Tue, 20 Sep 2022 17:18:29 GMT
server
Akamai Resource Optimizer
etag
"0c5c027537dd51:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=489602
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
3656
x-ua-compatible
IE=edge
ios.png
www.newsmax.com/App_Themes/NewsmaxNew/images/qrcode/
1 KB
2 KB
Image
General
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/qrcode/ios.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
500b1cb2d9aed655f5bc0eb0313a6ebf75d3613e94b2234a60f532eea7e51590

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Thu, 20 Jan 2022 15:39:31 GMT
server
Akamai Image Manager
etag
"db4515d7abf6d71:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=245399
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1389
expires
Fri, 07 Oct 2022 11:54:54 GMT
play.png
www.newsmax.com/App_Themes/NewsmaxNew/images/qrcode/
2 KB
2 KB
Image
General
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/qrcode/play.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
6ad0665b8b1e41b73f4232e0c7940822116c2038cd2550897549d7f8a2bff668

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Thu, 20 Jan 2022 15:39:23 GMT
server
Akamai Image Manager
etag
"e27585d6abf6d71:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=53005
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1749
expires
Wed, 05 Oct 2022 06:28:20 GMT
newsmaxqr-80.png
www.newsmax.com/App_Themes/NewsmaxNew/images/qrcode/
3 KB
3 KB
Image
General
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/qrcode/newsmaxqr-80.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
548ff995b93f8f32334747b861c74a4dc11d6624456679485d6d4a6930d39b67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Thu, 04 Aug 2022 18:27:43 GMT
server
Akamai Image Manager
etag
"39c4c7e5aaf6d71:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=257357
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
3242
expires
Fri, 07 Oct 2022 15:14:12 GMT
jquery.zrssfeed.min.js
www.newsmax.com/CMSscripts/newsmax/
3 KB
1 KB
Script
General
Full URL
https://www.newsmax.com/CMSscripts/newsmax/jquery.zrssfeed.min.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
b2e91321d1b560fe1ec1aba1374e92c5dd4c33b2abc0cdc6079b5b74894acd56
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Wed, 21 Sep 2022 21:34:44 GMT
server
Akamai Resource Optimizer
etag
"0c5c027537dd51:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=591624
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
1065
x-ua-compatible
IE=edge
widgets.js
platform.twitter.com/
97 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6772) /
Resource Hash
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:55 GMT
Content-Encoding
gzip
Age
611
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
29223
x-amzn-internal-status
304
Last-Modified
Wed, 28 Sep 2022 20:05:37 GMT
Server
ECS (frb/6772)
Etag
"f26384f93da6974ed577808dfa1fede5+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
RRNR9-85ANW-4QF6A-ZJTU2-LGRHY
s.go-mpulse.net/boomerang/
205 KB
50 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/RRNR9-85ANW-4QF6A-ZJTU2-LGRHY
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
br
last-modified
Wed, 21 Sep 2022 15:02:07 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
x-n
S
timing-allow-origin
*
content-length
50393
gtm.js
www.googletagmanager.com/
279 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WL644C
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
92199815190cd625c0325ae94ec6401315c4027ca827446e18d34ca522cff01e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85914
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 15:08:24 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 04 Oct 2022 15:44:55 GMT
spriteVertBkg.gif
www.newsmax.com/App_Themes/NewsmaxNew/images/
159 B
398 B
Image
General
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/spriteVertBkg.gif
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5f79d06810cf448519b18ccab3fdcc94a27457d67457c0ab90fc00708ef85245

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/css/newsmax.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Thu, 20 Jan 2022 15:39:21 GMT
server
Akamai Image Manager
etag
"03e2d24537dd51:0"
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=91510
server-timing
cdn-cache; desc=HIT, edge; dur=9
content-length
159
expires
Wed, 05 Oct 2022 17:10:05 GMT
nmSpriteMaster.png
www.newsmax.com/App_Themes/NewsmaxNew/images/
54 KB
54 KB
Image
General
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/nmSpriteMaster.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1963f6ba3fb5c0fe5ea91c5156292beb8dfddee3e14bb995185f5b440dd9f0af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/css/newsmax.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Mon, 25 Apr 2022 18:26:02 GMT
server
Akamai Image Manager
etag
"2f20ca3fd158d81:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=262148
server-timing
cdn-cache; desc=HIT, edge; dur=9
content-length
55073
expires
Fri, 07 Oct 2022 16:34:03 GMT
newsmax_logo_new.png
www.newsmax.com/App_Themes/NewsmaxNew/images/
3 KB
4 KB
Image
General
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/newsmax_logo_new.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5ece4398c41c452d1fb318c62936d1d73fffc2f6dfdf10ed988ac67113dee701

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/css/newsmax.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Thu, 20 Jan 2022 15:39:29 GMT
server
Akamai Image Manager
x-serial
1501
x-check-cacheable
YES
etag
"99dea9698c8d81:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=239929
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
3407
expires
Fri, 07 Oct 2022 10:23:44 GMT
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/9248945/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Server
143.204.215.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-58.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:33:44 GMT
content-encoding
gzip
via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified
Thu, 04 Mar 2021 13:31:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
672
x-amz-server-side-encryption
AES256
etag
W/"5b0f9f0704a703b8da651007721fac57"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
TrN9LuJ34AfEW544L6RqZoobuWTV9_tObgLTEbCnleQmjqPSemwVyQ==

Redirect headers

location
/internal-cs/default/beacon.js
date
Tue, 04 Oct 2022 15:44:55 GMT
via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
content-length
0
x-amz-cf-id
gSy6sKf6pWP76XYiNnemtU29e954s2xOAOxR4WZJxaQNCIHndwuhkA==
x-cache
Miss from cloudfront
spriteHorBkg.gif
www.newsmax.com/App_Themes/NewsmaxNew/images/
98 B
337 B
Image
General
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/spriteHorBkg.gif
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
0170004a718387fce95146859083c72db0df41425ec06c63d9e63e28d667102a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/css/newsmax.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Thu, 20 Jan 2022 15:39:27 GMT
server
Akamai Image Manager
etag
"03e2d24537dd51:0"
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=77649
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-length
98
expires
Wed, 05 Oct 2022 13:19:04 GMT
whitecloseicon.png
www.queryly.com/images/
816 B
1 KB
Image
General
Full URL
https://www.queryly.com/images/whitecloseicon.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3976
x-powered-by
ASP.NET
content-length
816
last-modified
Thu, 11 Jun 2020 23:20:57 GMT
server
cloudflare
etag
"d7046f64640d61:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IAQT6arG84y%2BOO8QDu%2FQ3B4FNCK4I1PLT6L0doRKjHSQAdJVChgFuvSxPalbshlhHtwfLJMtyyF2OKKUrlOhoncsL0ekJ7alX%2FJCesR%2Fr%2FAEf1Tk38%2B3NqWAt2Qo7Kq4NuMZavbagHqZCP6tg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
754f0aaadb24bbaf-FRA
access-control-allow-headers
*
b
sb.scorecardresearch.com/
0
190 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=9248945&cs_it=b2&cv=3.8.0.210223&ns__t=1664898295486&ns_c=UTF-8&c7=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&c8=US%20Defense%20Contractor%20Victimized%20by%20Ransomware%20Attack%20%7C%20Newsmax.com&c9=
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-58.fra53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
d4wicUBm3TBKyaa-J61DGe0zAHSVVbOE1JU6SyE0Pci5nPKfPLBi3w==
x-cache
Miss from cloudfront
Bodoni_SvtyTwo_ITC-TT-Bold.ttf
www.newsmax.com/App_Themes/NewsmaxNew/fonts/
82 KB
82 KB
Font
General
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/fonts/Bodoni_SvtyTwo_ITC-TT-Bold.ttf
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5fb513268e641e680e8f2c0848af922f84c20368d1838b90655571cef9975b6f
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.newsmax.com/css/newsmax.min.css
Origin
https://www.newsmax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
date
Tue, 04 Oct 2022 15:44:55 GMT
last-modified
Sun, 26 Apr 2020 16:56:42 GMT
server
Microsoft-IIS/10.0
etag
"081f6a8eb1bd61:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
83472
x-ua-compatible
IE=edge
pubads_impl_2022092801.js
securepubads.g.doubleclick.net/gpt/
377 KB
128 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d74aacbaed4132cc593f2f2ab77bfc980733ad393dee2a722757d29d0eec941f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:47:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
410268
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130694
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 08:38:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Sep 2023 21:47:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
204 B
761 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.newsmax.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ad8998fe6514a24a6618c0ab0fc6b6f2bfdb1309a89a213d3e9b810783ba9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125
x-xss-protection
0
expires
Tue, 04 Oct 2022 15:44:55 GMT
AGSKWxUsF_VxSwb2ptUo7k0MOw6gRCzX9AD-UKFOf7JN25RhaoFtdaiEm9mJkhdb_DVrYzAYHHx9D2_5i9youtHV22g=
fundingchoicesmessages.google.com/f/
19 KB
8 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUsF_VxSwb2ptUo7k0MOw6gRCzX9AD-UKFOf7JN25RhaoFtdaiEm9mJkhdb_DVrYzAYHHx9D2_5i9youtHV22g=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY0ODk4Mjk1LDYzODAwMDAwMF0sIkI0Njg3MjMxLThEQUUtNEY5OC04NTI1LTcwNDIzMEJCNEIzMiIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly93d3cubmV3c21heC5jb20vbmV3c2Zyb250L2RlZmVuc2UtY29udHJhY3Rvci1yYW5zb213YXJlLzIwMjIvMDkvMjkvaWQvMTA4OTYwNi8iLG51bGwsW1s4LCJOcnF0SXpuemNJZyJdLFs5LCJkZSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.NrqtIznzcIg.es5.O/d=1/rs=AJlcJMzfAKxadiXCq04YjmdNGbfdiHEGbg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f70669fd56fbba6261e2a0a2f560e08f1761d02335e6370885159e919e9d5ed1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YIsFPNrG_fAjNNuVtOQoHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
content-security-policy
script-src 'report-sample' 'nonce-YIsFPNrG_fAjNNuVtOQoHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 04 Oct 2022 15:15:57 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1738
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 04 Oct 2022 17:15:57 GMT
conversion_async.js
www.googleadservices.com/pagead/
41 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15192
x-xss-protection
0
server
cafe
etag
699633608045481581
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 15:44:55 GMT
quant.js
secure.quantserve.com/
26 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
gzip
etag
"+b0B6ncQDCugPb96DWf2QA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 11 Oct 2022 15:44:55 GMT
fbevents.js
connect.facebook.net/en_US/
101 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 04 Oct 2022 15:44:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26840
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
s0peOcrHJ5VVFntiqihCVayl9Xb3Xw9Gf1Jm1JGX7Jn10pLYvoindd851GrocBLlsdGi5Rum074bN2eNlpCTSg==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
a-026z.min.js
b-code.liadm.com/
28 KB
11 KB
Script
General
Full URL
https://b-code.liadm.com/a-026z.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a78ad4c8d15ac05f97740264d08f3b816e57f1265f1ba87345ddbc8df2970bf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 02:17:19 GMT
content-encoding
gzip
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
48456
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Mros-bdvPyD3iVxXxOVfHhuJdv5mj_Ky84o8oSifbB4RtWacQfC4mg==
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
971
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
754f0aacddba9b4b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 07 Oct 2022 15:44:55 GMT
hb_319293_10071.js
player.adtcdn.com/prebidlink/462471/
377 KB
110 KB
Script
General
Full URL
https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a694dfbdef7cf57647736e00e5fa86338f3c644a66adb0fc20a2484af9646612

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Aug 2022 20:09:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
769
etag
W/"62fe9c7e-5e2f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbK%2Betke9Uh35dQTPrXX9%2FU9xSZ82CBtuT6ZIg1PofW8dGzJwJqu3hbjMmH5pGO480SL%2Fb8crqgqPNMKBHO3RRxN3hXiT3e3Lbs19oSNLFtECOzEp58algx8WCRdWjI6FCVmgWGPU1x46dzWpGdEqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
754f0aacdb23917d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 04 Oct 2022 15:47:06 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48906364c460ec1e87589bdbbc63ab8479b10d10050f5d70b0e1022f6d6b0cba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27743
x-xss-protection
0
server
sffe
etag
"1353 / 325 of 1000 / last-modified: 1664881750"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Oct 2022 15:44:55 GMT
wrapper_hb_319293_10071.js
player.adtcdn.com/prebidlink/462471/
2 KB
1 KB
Script
General
Full URL
https://player.adtcdn.com/prebidlink/462471/wrapper_hb_319293_10071.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6f7ad41fd49182c64a8e99d2567ae6f550852bcd1afa1a85ec7c60d645909ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 03 Oct 2022 22:11:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
769
etag
W/"633b5e0a-6e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7N7xDZl%2BSdvEMeCfDJ7GRAPodsdyXaYzPIw2V2oXGR7zkv6roO0xgr8L11Y96W3QSG5VeAWdzzn0v70cyGFyJdSwZKoYDIZ7FNSrFAGFsupQP0uT0ytB6PXDlFhYTYhHH7Ck7AJgq2QHkCJGOO6tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
754f0aacdb26917d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 04 Oct 2022 15:47:06 GMT
config.json
c.go-mpulse.net/api/
6 KB
2 KB
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=RRNR9-85ANW-4QF6A-ZJTU2-LGRHY&d=www.newsmax.com&t=5549661&v=1.720.0&sl=0&si=1341507c-0f13-44d6-bddb-b37054dcb8c0-rj8jqs&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=390844
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/RRNR9-85ANW-4QF6A-ZJTU2-LGRHY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:287::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
27004420283ff78bb2ca8fde44bb16e74273602d7b5443d8c53477ce9d5351ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1443
collect
stats.g.doubleclick.net/j/
4 B
442 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-31221-1&cid=295364473.1664898296&jid=1385393057&gjid=594987335&_gid=1513219398.1664898296&_u=YGBAgAABAAAAAE~&z=507081183
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 04 Oct 2022 15:44:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1382391859&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&ul=en-us&de=UTF-8&dt=US%20Defense%20Contractor%20Victimized%20by%20Ransomware%20Attack%20%7C%20Newsmax.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1385393057&gjid=594987335&cid=295364473.1664898296&tid=UA-31221-1&_gid=1513219398.1664898296&gtm=2wg9s0WL644C&z=1525377483
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 00:11:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56008
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sync-container.js
b-code.liadm.com/
6 KB
6 KB
Script
General
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-026z.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 17:05:41 GMT
x-amz-version-id
WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
last-modified
Tue, 10 May 2022 11:48:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
2587155
etag
"ae5e94de938b0387eda6df8f20da811a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
5904
x-amz-cf-id
EsQ9s8cR5dm4oE0njwds0VcGp-NM9jevmUDKJ-nosCmg8X3C0Eg9QQ==
2353704501325948
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2353704501325948?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
03d8d375110f1a0305d787365607af49c29229381a092d932a2d63661d2de837
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 04 Oct 2022 15:44:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86259
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
K9Ou3TbGNV9WjyhojahHtR5lkCeCXgIgy/02YaKWWL/Xxfs/sSsuRgGeyEdsLfrcIcI576iD32SeCPD9EbGwUA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
rules-p-St___PnJ1vDs5.js
rules.quantcount.com/
209 B
691 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-St___PnJ1vDs5.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30235be1a8cb2c0b43d75136c68490e0cb2c16c5c43c6d2b0e755bf97145c4d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:24:17 GMT
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2318
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Sat, 27 Aug 2022 16:05:30 GMT
server
AmazonS3
etag
"9057db354e73da64ab9bdf855454a44e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
qmTdXFgiFcIxXeLD1JjvfhtjN_zbvoZgkI19ypbLf3xqIn_l8TpQlg==
hbw_master_319293_10071.js
player.adtelligent.com/prebidlink/x462471/
99 KB
29 KB
Script
General
Full URL
https://player.adtelligent.com/prebidlink/x462471/hbw_master_319293_10071.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/wrapper_hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
dee163747ea86c625f160eb964b806c8b12c9b0d4d67f0fc41c321c689455a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires
Thu, 06 Oct 2022 15:44:55 GMT
date
Tue, 04 Oct 2022 15:44:55 GMT
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 22:11:22 GMT
server
nginx
etag
W/"633b5e0a-18cc1"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
283 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:55 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
971
etag
W/"2f96824aee4bf927e734cc519e3e726d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
754f0aad9ff15c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 07 Oct 2022 15:44:55 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-31221-1&cid=295364473.1664898296&jid=1385393057&_u=YGBAgAABAAAAAE~&z=481201988
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:44:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-31221-1&cid=295364473.1664898296&jid=1385393057&_u=YGBAgAABAAAAAE~&z=481201988
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:44:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1664898295930&aid=a-026z&se=e30&duid=cd49d5059397--01gehtqt08742pagzsfxapn8vt&tna=v2.5.0&pu=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2...
  • https://rp4.liadm.com/j?dtstmp=1664898295930&aid=a-026z&se=e30&duid=cd49d5059397--01gehtqt08742pagzsfxapn8vt&tna=v2.5.0&pu=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%...
13 B
553 B
XHR
General
Full URL
https://rp4.liadm.com/j?dtstmp=1664898295930&aid=a-026z&se=e30&duid=cd49d5059397--01gehtqt08742pagzsfxapn8vt&tna=v2.5.0&pu=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&wpn=lc-bundle&c=PHRpdGxlPgoJVVMgRGVmZW5zZSBDb250cmFjdG9yIFZpY3RpbWl6ZWQgYnkgUmFuc29td2FyZSBBdHRhY2sgfCBOZXdzbWF4LmNvbQo8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBbiBpbmZvcm1hdGlvbiB0ZWNobm9sb2d5IGNvbXBhbnkgdGhhdCBzdXBwb3J0cyBVLlMuIGRlZmVuc2UgYW5kIGludGVsbGlnZW5jZSBhcHBhcmVudGx5IHdhcyB2aWN0aW1pemVkIGJ5IGEgcmFuc29td2FyZSBhdHRhY2suIj4&i6=MmEwMTo0YTA6MTMzODo5Mjo6NQ%3D%3D&n3pc=true
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Server
54.146.241.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-241-124.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:56 GMT
x-pixel-event-id
1bf28b18-13ab-444d-aed7-c8b20e279492
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
a49f46d50d94ef9b
content-length
13
x-xss-protection
1; mode=block

Redirect headers

date
Tue, 04 Oct 2022 15:44:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1664898295930&aid=a-026z&se=e30&duid=cd49d5059397--01gehtqt08742pagzsfxapn8vt&tna=v2.5.0&pu=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&wpn=lc-bundle&c=PHRpdGxlPgoJVVMgRGVmZW5zZSBDb250cmFjdG9yIFZpY3RpbWl6ZWQgYnkgUmFuc29td2FyZSBBdHRhY2sgfCBOZXdzbWF4LmNvbQo8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJBbiBpbmZvcm1hdGlvbiB0ZWNobm9sb2d5IGNvbXBhbnkgdGhhdCBzdXBwb3J0cyBVLlMuIGRlZmVuc2UgYW5kIGludGVsbGlnZW5jZSBhcHBhcmVudGx5IHdhcyB2aWN0aW1pemVkIGJ5IGEgcmFuc29td2FyZSBhdHRhY2suIj4&i6=MmEwMTo0YTA6MTMzODo5Mjo6NQ%3D%3D&n3pc=true
access-control-allow-origin
https://www.newsmax.com
request-time
0
access-control-allow-credentials
true
trace-id
db12641a47dcab31
content-length
0
x-xss-protection
1; mode=block
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/971560661/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/971560661/?random=1664898295976&cv=9&fst=1664898295976&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&tiba=US%20Defense%20Contractor%20Victimized%20by%20Ransomware%20Attack%20%7C%20Newsmax.com&auid=646752622.1664898296&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1fa90560d12ffe1e8244ca88e06a09e03b34350efc25bc454af049d69700de0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:44:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1086
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2755677304707901
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2755677304707901?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b7794b8b0fe358ac7a93f9c3675e4fe9c2ff3a56bb3f7c67efc66462b62e4ee5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 04 Oct 2022 15:44:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86072
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
jLEq0n8AqQcIuXNSQFJIxitJT9KoQtyhqmxh4w/Sbmax3Z7h1qKbugjnakNSvuXoqpwzGFZ/fSqf+CjewP1nuA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
204 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2353704501325948&ev=PageView&dl=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&rl=&if=false&ts=1664898296021&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22200489208854101%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22408495800787067%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1664898296020.514588309&it=1664898295833&coo=false&rqm=GET
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 04 Oct 2022 15:44:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
pixel
pxl.qccerttest.com/
35 B
550 B
Image
General
Full URL
https://pxl.qccerttest.com/pixel?r=1815670533;fpan=1;fpa=P0-1737925161-1664898296031;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;ref=;cm=;gdpr=0;d=newsmax.com;dst=0;et=1664898296030;tzo=0;url=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F;ogl=description.An%20information%20technology%20company%20that%20supports%20U%252ES%252E%20defense%20and%20intelligence%20ap%2Cpage_id.85452072376%2Csite_name.Newsmax%2Cimage%3Aheight.500%2Cimage%3Awidth.600%2Cimage%3Atype.image%2Fjpeg%2Cimage.https%3A%2F%2Fwww%252Enewsmax%252Ecom%2FCMSPages%2FGetFile%252Easpx%3Fguid%3D25a4d158-5565-41c8-9b8a-e77ae%2Curl.https%3A%2F%2Fwww%252Enewsmax%252Ecom%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F10%2Ctype.article%2Ctitle.US%20Defense%20Contractor%20Victimized%20by%20Ransomware%20Attack
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1600:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 02:01:57 GMT
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA53-C1
age
49380
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
x-amz-cf-id
yzN9s7rNinOob7SC_m2ja3paPkSzPSeWTyOE9SjadGrvqm9zQoYVHQ==
pixel;r=795911241;source=gtm;rf=0;a=p-St___PnJ1vDs5;url=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F;uht=2;fpan=0;fpa=P0-1737925161-1...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=795911241;source=gtm;rf=0;a=p-St___PnJ1vDs5;url=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F;uht=2;fpan=0;fpa=P0-1737925161-1664898296031;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;ref=;d=newsmax.com;dst=0;et=1664898296035;tzo=0;ogl=description.An%20information%20technology%20company%20that%20supports%20U%252ES%252E%20defense%20and%20intelligence%20ap%2Cpage_id.85452072376%2Csite_name.Newsmax%2Cimage%3Aheight.500%2Cimage%3Awidth.600%2Cimage%3Atype.image%2Fjpeg%2Cimage.https%3A%2F%2Fwww%252Enewsmax%252Ecom%2FCMSPages%2FGetFile%252Easpx%3Fguid%3D25a4d158-5565-41c8-9b8a-e77ae%2Curl.https%3A%2F%2Fwww%252Enewsmax%252Ecom%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F10%2Ctype.article%2Ctitle.US%20Defense%20Contractor%20Victimized%20by%20Ransomware%20Attack;ses=cb1c0263-056d-4efc-8dc8-006d9d4d94eb
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:44:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
config.json
player.adtelligent.com/exchange_rates/319104/
2 KB
1 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/319104/config.json?cb=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
de76c5b236b30fed5f9ec5c9fa048da0a4397875996202a700681b8b2a6bf6ac

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

expires
Thu, 06 Oct 2022 15:44:56 GMT
date
Tue, 04 Oct 2022 15:44:56 GMT
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 12:01:13 GMT
server
nginx
etag
W/"633acf09-84b"
content-type
application/json
access-control-allow-origin
https://www.newsmax.com
cache-control
max-age=172800
x-proxy-cache
HIT
/
ghb.adtelligent.com/geo/
139 B
410 B
XHR
General
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x462471/hbw_master_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
aca191859901f0e518496695a814494d588754e3bd146cc910876e963f650034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:55 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsmax.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
139
tracking
ghb.adtelligent.com/adunit/
43 B
432 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=319293&site_id=10071&pbjsv=v6.25.1-c&full_page_url=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&adid=udgiz0.lz&features=81952&vpbv=N087&tte=465&lifecycle_tte=3779
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x462471/hbw_master_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:55 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.newsmax.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
multirequest
cdnapisec.kaltura.com/api_v3/service/ Frame
0
0
Preflight
General
Full URL
https://cdnapisec.kaltura.com/api_v3/service/multirequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:586::10fe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Kaltura /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.newsmax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Range, Cache-Control
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Server, Content-Length, Content-Range, Date, X-Kaltura, X-Kaltura-Session, X-Me
access-control-max-age
86400
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 04 Oct 2022 15:44:56 GMT
server
Kaltura
x-me
ny-nvp1-fapi-72b2
x-proxy-me
nvp1-front-proxy-blue-75b6988ddf-vcvq9
x-proxy-session
fe8909b15cb79b186e0667bd77871f61
js
www.googletagmanager.com/gtag/
106 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-31221-55&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bcb54a8f4870ad0cb8e2c0e798795f80b22df03f7fbb2c01be858ac94795bed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42390
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 15:08:24 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 04 Oct 2022 15:44:56 GMT
multirequest
cdnapisec.kaltura.com/api_v3/service/
8 KB
2 KB
XHR
General
Full URL
https://cdnapisec.kaltura.com/api_v3/service/multirequest
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:586::10fe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Kaltura /
Resource Hash
a132427cebccddef910f3cc4b2bcef5a5172466cef7818729b2f0c948ffe1766

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

x-kaltura
cached-dispatcher,cache_v3-c7206fdbb33570ff4050adcc4cbb7240,0.00027799606323242
x-me
ny-nvp1-fapi-74d0
pragma
no-cache
content-encoding
gzip
date
Tue, 04 Oct 2022 15:44:56 GMT
server
Kaltura
x-proxy-session
dff0aef9cc2d1d0962868be56a67c059
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Server, Content-Length, Content-Range, Date, X-Kaltura, X-Kaltura-Session, X-Me
cache-control
max-age=0, no-cache, no-store
x-proxy-me
nvp1-front-proxy-blue-75b6988ddf-wfrfz
content-length
1905
expires
Tue, 04 Oct 2022 15:44:56 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73cf53063cc08520bfcfea4d0161892ce5dcd3b8718d72e14611439a746e0de5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29b138addba2df5d07ebce20a46d69eea61b15cc0f79e419a1629d73cd628ae8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
592 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ced5fe432e6de10967e5b8d3d562a17cb37b2ee8f69b7f2bc4b9cb5e1f2cc7a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
831 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
870a90339658c81d4ae8d6f94e36c5faf066c14c2976769ee4e303d1488cb365

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
619 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09332f81284150bea9c6171c83b29c09dabb8edf3db9ad88314152c9aceb6d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
670 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e417c535c1904c414943f70bb6744b45134fb3d99ab8f61fb2029a5a54f61992

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
ima3.js
imasdk.googleapis.com/js/sdkloader/
380 KB
127 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bf517104f255123ba18c57e1de2f672c0271712d716ff844a26ea8162453b45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129563
x-xss-protection
0
expires
Tue, 04 Oct 2022 15:44:56 GMT
truncated
/
335 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
072c0cede4123403627840d43a66b45a1e14d0c4ba03b15f385d08b810e4d36e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2755677304707901&ev=PageView&dl=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&rl=&if=false&ts=1664898296392&sw=1600&sh=1200&v=2.9.84&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1664898296020.514588309&it=1664898295833&coo=false&rqm=GET
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 04 Oct 2022 15:44:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
ITC_Franklin-Bold.ttf
www.newsmax.com/App_Themes/NewsmaxNew/fonts/
27 KB
28 KB
Font
General
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/fonts/ITC_Franklin-Bold.ttf
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
aa0f38af9e138a9b67cf922ac3e99f6fbd1c85202d18f601f880aff3d3820df8
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.newsmax.com/css/newsmax.min.css
Origin
https://www.newsmax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
date
Tue, 04 Oct 2022 15:44:56 GMT
last-modified
Sun, 26 Apr 2020 21:21:16 GMT
server
Microsoft-IIS/10.0
etag
"0ae9a9e101cd61:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=9
accept-ranges
bytes
content-length
27968
x-ua-compatible
IE=edge
ITC_Franklin-Light.ttf
www.newsmax.com/App_Themes/NewsmaxNew/fonts/
19 KB
19 KB
Font
General
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/fonts/ITC_Franklin-Light.ttf
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a7e82da5ca4dbba958cd0b570a8b59ff123968e41bc6abdbe7ddf9dc97f3f7d5
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.newsmax.com/css/newsmax.min.css
Origin
https://www.newsmax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
date
Tue, 04 Oct 2022 15:44:56 GMT
last-modified
Sun, 26 Apr 2020 21:21:22 GMT
server
Microsoft-IIS/10.0
etag
"0352ea2101cd61:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
19244
x-ua-compatible
IE=edge
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
date
Tue, 04 Oct 2022 15:44:56 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=19069
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
web
onesignal.com/api/v1/sync/d4a15f2f-7ca8-48ca-aa1f-0bea58100a1c/
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/d4a15f2f-7ca8-48ca-aa1f-0bea58100a1c/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98396bf1b5945ab8be3df6b04f773ee3663c06a1aa431b883dca10f05581c658
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
2254
cf-polished
origSize=3398
status
200 OK
x-envoy-upstream-service-time
54
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
e077bf86-23b4-414e-be65-ba9b339b2d9f
x-runtime
0.052207
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"73a8744f086e0fda41510373de15731b"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
754f0ab1b9059b4b-FRA
access-control-allow-headers
SDK-Version
expires
Tue, 04 Oct 2022 16:44:56 GMT
iconCommenting.gif
www.newsmax.com/App_Themes/Newsmax/images/
696 B
980 B
Image
General
Full URL
https://www.newsmax.com/App_Themes/Newsmax/images/iconCommenting.gif
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
a5d0212b57cd91453464ddb13dd3ce87ced642a8c2e68a5c62e5273dc79aad4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/css/newsmax.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
date
Tue, 04 Oct 2022 15:44:56 GMT
last-modified
Thu, 20 Jan 2022 15:44:28 GMT
server
Akamai Image Manager
x-serial
1712
x-check-cacheable
YES
etag
"011fc22537dd51:0"
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=102320
server-timing
cdn-cache; desc=HIT, edge; dur=11
content-length
696
expires
Wed, 05 Oct 2022 20:10:16 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsmax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:02:52 GMT
x-content-type-options
nosniff
age
103324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 11:02:52 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsmax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 23:05:50 GMT
x-content-type-options
nosniff
age
59946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 23:05:50 GMT
/
www.google.com/pagead/1p-user-list/971560661/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/971560661/?random=1664898295976&cv=9&fst=1664895600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&tiba=US%20Defense%20Contractor%20Victimized%20by%20Ransomware%20Attack%20%7C%20Newsmax.com&async=1&fmt=3&is_vtc=1&random=1154527850&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:44:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/971560661/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/971560661/?random=1664898295976&cv=9&fst=1664895600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&tiba=US%20Defense%20Contractor%20Victimized%20by%20Ransomware%20Attack%20%7C%20Newsmax.com&async=1&fmt=3&is_vtc=1&random=1154527850&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:44:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b1b96725-5da4-44ec-8c57-0a9000ebf916.js
product.instiengage.com/product-loader-code/
17 KB
5 KB
Script
General
Full URL
https://product.instiengage.com/product-loader-code/b1b96725-5da4-44ec-8c57-0a9000ebf916.js
Requested by
Host: soapps.net
URL: https://soapps.net/live/loader/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57d991857048a5599b4855dc7d67079cc556e2ebfef75189b89d6e5fc82a40a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
Q32v3iPY.h6IECNY2.0fEkfTVv4upuZS
content-encoding
br
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
date
Tue, 04 Oct 2022 15:42:16 GMT
last-modified
Tue, 23 Aug 2022 12:15:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
242
etag
W/"24de0b98d2053a6d043dd56310a28c1a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600,public
x-amz-cf-id
s5D3URA7uSdoMG3Gqzv_fXaW-qfUWwBChMGumIT54b1r3BoPi6Sptg==
TVScheduleHandler.ashx
www.newsmax.com/CMSPages/NewsMax/Handlers/
71 KB
15 KB
XHR
General
Full URL
https://www.newsmax.com/CMSPages/NewsMax/Handlers/TVScheduleHandler.ashx
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/js/jquery-3.2.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b34d2f3f22a04e51371de3e6d31c11edc9922ecb3f5c453239faef40a8d9e12f
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
gzip
date
Tue, 04 Oct 2022 15:44:56 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=HIT, edge; dur=39
content-length
14774
x-ua-compatible
IE=edge
last-modified
Tue, 04 Oct 2022 15:43:41 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=225
expires
Tue, 04 Oct 2022 15:48:41 GMT
player.esi
amp.akamaized.net/hosted/1.1/
277 KB
66 KB
Script
General
Full URL
https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.9&_=1664898295128
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/js/jquery-3.2.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bb34df5214a8b9cd7d9bfc120252b6fdb17b03a094692822637de21145cf3df5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:58 GMT
Content-Encoding
gzip
PROTO
https
Server
AkamaiNetStorage
ETag
"22c8e983ad99cc0570d21c8e586cb8e9:1597899815"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=4
Connection
keep-alive, Transfer-Encoding
full.gif
www.newsmax.com/App_Themes/NewsmaxNew/images/
97 B
351 B
Image
General
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/full.gif
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4d587885f84d5f0b3287ee5a85401c1fd06b7a79bb62fbec528ce26585f85852

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
date
Tue, 04 Oct 2022 15:44:56 GMT
last-modified
Thu, 20 Jan 2022 15:39:30 GMT
server
Akamai Image Manager
etag
"e346b7983afed61:0"
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=97470
server-timing
cdn-cache; desc=HIT, edge; dur=12
content-length
97
expires
Wed, 05 Oct 2022 18:49:26 GMT
/
www.facebook.com/tr/ Frame B990
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.newsmax.com
Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.newsmax.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 15:44:56 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
Newsmax_Jokes_button.png
www.newsmax.com/App_Themes/NewsmaxNew/images/
981 B
1 KB
Image
General
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/Newsmax_Jokes_button.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
24561fe775c2aa05376c741a39d56f0de51734139f34cd6dd9c8b302f3b46d19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/css/newsmax.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:56 GMT
last-modified
Thu, 20 Jan 2022 15:39:28 GMT
server
Akamai Image Manager
etag
"011fc22537dd51:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=245809
server-timing
cdn-cache; desc=HIT, edge; dur=5
content-length
981
expires
Fri, 07 Oct 2022 12:01:45 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.newsmax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:56 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2240729
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0p7QMxeHNAbXh0EBf%2BQ35UQqg7Vh8k3Cjnf0%2FElKbN%2B52CPGAn%2FFrU4wFsHLp0Oqv3fC3Rel%2FMX9RY4XsrUgCeSxIUedbU26QbyEtYhS2ZrxVLutuErkWLWyqyPZPkjvuhYcgWRre92Z429UJxV7Fhh"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
754f0ab2ba206964-FRA
expires
Sun, 24 Sep 2023 15:44:56 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1382391859&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&ul=en-us&de=UTF-8&dt=US%20Defense%20Contractor%20Victimized%20by%20Ransomware%20Attack%20%7C%20Newsmax.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABAAAAAGAAI~&jid=10120934&gjid=1796904793&cid=295364473.1664898296&tid=UA-31221-55&_gid=1513219398.1664898296&_r=1&gtm=2ou9s0&z=1731181252
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:44:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1382391859&t=event&_s=2&dl=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&ul=en-us&de=UTF-8&dt=US%20Defense%20Contractor%20Victimized%20by%20Ransomware%20Attack%20%7C%20Newsmax.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Kaltura%20Video%20Events&ea=widget%20loaded&_u=aGDAAUABAAAAAGAAI~&jid=&gjid=&cid=295364473.1664898296&tid=UA-31221-55&_gid=1513219398.1664898296&gtm=2ou9s0&z=1084601853
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 00:11:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56009
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
bridge3.536.0_en.html
imasdk.googleapis.com/js/core/ Frame B756
686 KB
221 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.536.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ec872d58a5c69122782bdc67523a5483d766169686b83bed86a73d36691ae5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
68064
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226455
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Oct 2022 20:50:32 GMT
expires
Tue, 03 Oct 2023 20:50:32 GMT
last-modified
Mon, 03 Oct 2022 15:54:58 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Oct 2022 15:44:56 GMT
bootloader.js
static.newsmaxfeednetwork.com/web-clients/bootloaders/ZlB6kIzR8vJVn32BbZzMWv/
1 KB
1 KB
Script
General
Full URL
https://static.newsmaxfeednetwork.com/web-clients/bootloaders/ZlB6kIzR8vJVn32BbZzMWv/bootloader.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/js/jquery-3.2.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.137.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-137-207.compute-1.amazonaws.com
Software
openresty / Express
Resource Hash
34d7ecd8274df6ec57884dfcdfcd0ae24aed20ec59f0624de787d125b2a8c4be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:57 GMT
Content-Encoding
gzip
Server
openresty
x-powered-by
Express
etag
W/"58e-sRnlU59AAGrqWIxcPxP6F5dxtYk"
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
cache-control
public, max-age=300
x-envoy-upstream-service-time
2
Connection
keep-alive
newsmax_logo_new_footer.png
www.newsmax.com/App_Themes/NewsmaxNew/images/
2 KB
2 KB
Image
General
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/newsmax_logo_new_footer.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9cef7f743987479022148931132527fe1b8712ea4949cae7a5e9b1b73884f9fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/css/newsmax.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:56 GMT
last-modified
Thu, 20 Jan 2022 15:39:30 GMT
server
Akamai Image Manager
etag
"c9df6c4f8c8d81:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=309727
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1940
expires
Sat, 08 Oct 2022 05:47:03 GMT
index.php
analytics.kaltura.com/api_v3/
48 B
636 B
XHR
General
Full URL
https://analytics.kaltura.com/api_v3/index.php?service=analytics&action=trackEvent&apiVersion=3.3.0&format=1&playerJSLoadTime=1135&eventType=1&partnerId=2216081&entryId=1_y3kljhtk&sessionId=bc72eab4-45c9-db43-839c-07c56952bace%3A1b95a569-934a-c2c8-a279-6b6fecc7d855&eventIndex=1&referrer=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&deliveryType=hls&playbackType=vod&clientVer=7.52&clientTag=html5%3Av7.52&position=0&playbackSpeed=1&ks=djJ8MjIxNjA4MXyQLJbLXvso_IWxZJuWGplIHXDT0BLyFl2sN3-as_HD_b-5yHXMPm6HheUB0xX53FEnU96xIddh4tbiEJkhm9Pl7RB3c3h9Q6JeyVfGSmIOKA%3D%3D&uiConfId=46496733
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.189.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-189-41.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cfb1bfcef090f8d56f73444dbb99a439d0a572b8454db9f41a9879d8970554fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:57 GMT
Server
nginx
X-Kava-Me
ip-172-30-36-72
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
https://www.newsmax.com
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin,Range,Accept-Encoding,Referer,Cache-Control,User-Agent,Content-Type
Expires
Tue, 04 Oct 2022 15:44:56 GMT
100
cfvod.kaltura.com/p/2216081/sp/221608100/thumbnail/entry_id/1_y3kljhtk/version/100021/width/164/vid_slices/
393 KB
394 KB
Image
General
Full URL
https://cfvod.kaltura.com/p/2216081/sp/221608100/thumbnail/entry_id/1_y3kljhtk/version/100021/width/164/vid_slices/100
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6000:19:597a:e108:c5a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Kaltura /
Resource Hash
4bdaaf9bba5b5412e4bfa8c4845d824d0fad01063ec4628d4e75abf714560487

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-Kaltura
cached-thumb-exists,cd2b2732725a2f7494e532e441ef5294
X-Me
ny-nvp1-fthumb-736b
Date
Tue, 04 Oct 2022 15:44:57 GMT
Via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
X-Vod-Session
1195353423
X-Amz-Cf-Pop
FRA53-C1
X-Cache
RefreshHit from cloudfront
X-Proxy-Me
nvp1-vod-proxy-blue-84ccc4f466-zznkl
Connection
keep-alive
X-Kaltura-Session
765505098, 1664710764
Content-Length
402217
Pragma
Last-Modified
Fri, 14 May 2021 18:17:16 GMT
Server
Kaltura
X-Proxy-Session
a3f76d137a3e681e9dd79105bf20c0f8
X-Vod-Me
nvp1-vod-packager-blue-78fcd744db-mxmcg
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600, max-stale=0
Accept-Ranges
bytes
X-Amz-Cf-Id
VBuN3yGxx1_tgF9CeZUHMyH5_dEBnZ0AcQxUxNq77PZC-6OYjLKNfQ==
Expires
Tue, 04 Oct 2022 16:44:57 GMT
px.gif
fundingchoicesmessages.google.com/img/
43 B
69 B
Image
General
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.4170459613500577
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-rb--hrgozJ2OPOt9Pfhjcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:56 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-rb--hrgozJ2OPOt9Pfhjcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorServingDetectionHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type
image/gif
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/
43 B
68 B
Image
General
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=4.748487319890489
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-QqUhRDW91La-s-rI3WJBHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:56 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-QqUhRDW91La-s-rI3WJBHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
157 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5f89c3ccdaa66308/
2 KB
901 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-5f89c3ccdaa66308/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
264a4152036cf4c4deba274551e5faa60e993d776a249c58bcd5fff71d3f59ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:57 GMT
content-encoding
gzip
etag
-1789200638--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=39, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
724
300lo.json
m.addthis.com/live/red_lojson/
89 B
249 B
Script
General
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=633c54f801831d3c&bkl=0&bl=1&pdt=2603&sid=633c54f801831d3c&pub=ra-5f89c3ccdaa66308&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.newsmax.com&fp=newsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=defense%2Ccontractor%2Cransomware%2Cattack%2Cblackcat%2Cintelligence&colc=1664898297002&jsl=12289&uvs=633c54f8e2513d58000&skipb=1&callback=addthis.cbs.jsonp__70773814294216230
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f3c1696566282dbca27b59fa922d74bce18608fa82461c9c6288cae27e7f65d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:44:57 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 3B57
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 4764
71 KB
26 KB
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Tue, 04 Oct 2022 15:44:57 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
15943
audio.beyondwords.io/r/
Redirect Chain
  • https://app.beyondwords.io/api/v2/projects/15943/podcasts/iframe.html
  • https://audio.beyondwords.io/r/15943
7 KB
3 KB
Fetch
General
Full URL
https://audio.beyondwords.io/r/15943
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc0578e6346681e77f8778551a3d024a5f3597e4451a6dd712b1390e3d70e77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 vegur
x-permitted-cross-domain-policies
none
age
160
content-encoding
gzip
x-xss-protection
1; mode=block
x-request-id
f4f9e8c5-cddb-4021-9029-467b8c72eeae
x-runtime
0.024748
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, POST, PATCH, OPTIONS, DELETE, PUT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=300
vary
Origin, Accept-Encoding
cf-ray
754f0ab81d1c5c1a-FRA
expires
Tue, 04 Oct 2022 15:49:57 GMT

Redirect headers

date
Tue, 04 Oct 2022 15:44:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 vegur
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
d14062c0-c073-41b6-b10d-b67124b1f266
x-runtime
0.016983
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, POST, PATCH, OPTIONS, DELETE, PUT
content-type
text/html; charset=utf-8
location
https://audio.beyondwords.io/r/15943
access-control-allow-origin
*
access-control-expose-headers
cache-control
no-cache
vary
Origin
cf-ray
754f0ab618eb5c1a-FRA
widget_iframe.7dae38096d06923d683a2a807172322a.html
platform.twitter.com/widgets/ Frame 4A55
320 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.newsmax.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/675D) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
379139
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Tue, 04 Oct 2022 15:44:57 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 28 Sep 2022 20:04:27 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/675D)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
a-026z
i.liadm.com/s/c/ Frame 46F6
1 KB
1 KB
Document
General
Full URL
https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01gehtqt08742pagzsfxapn8vt&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.123.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-123-192.compute-1.amazonaws.com
Software
/
Resource Hash
adec9fd4e4db0df56d6da0845865aa7baf137380cf5f4b8bc68cd9540b99c0da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
638
Content-Type
text/html; charset=UTF-8
Date
Tue, 04 Oct 2022 15:44:57 GMT
ETag
1.61803398874
Request-Time
7
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.newsmax.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
a.m3u8
cdnapisec.kaltura.com/p/2216081/sp/221608100/playManifest/entryId/1_y3kljhtk/protocol/https/format/applehttp/flavorIds/1_hpb0jxct,1_xc9gqf41,1_uocsyx0p,1_03iwys50,1_139jf12x/
2 KB
807 B
Script
General
Full URL
https://cdnapisec.kaltura.com/p/2216081/sp/221608100/playManifest/entryId/1_y3kljhtk/protocol/https/format/applehttp/flavorIds/1_hpb0jxct,1_xc9gqf41,1_uocsyx0p,1_03iwys50,1_139jf12x/a.m3u8?uiConfId=46496733&playSessionId=bc72eab4-45c9-db43-839c-07c56952bace:1b95a569-934a-c2c8-a279-6b6fecc7d855&referrer=aHR0cHM6Ly93d3cubmV3c21heC5jb20vbmV3c2Zyb250L2RlZmVuc2UtY29udHJhY3Rvci1yYW5zb213YXJlLzIwMjIvMDkvMjkvaWQvMTA4OTYwNi8=&clientTag=html5:v7.52&responseFormat=jsonp&callback=jsonpcallback1664898762286
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:586::10fe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Kaltura /
Resource Hash
5fb672f1d8956e7ac6c11ed4d4ac7af1c82e342cb2e248813364ed7ab3b4d9b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-kaltura
cached-dispatcher,playManifest-29ff862d73b5b661ff8675b59278ac62,0.0031788349151611
x-me
ny-nvp1-fapi-4922
date
Tue, 04 Oct 2022 15:44:57 GMT
content-encoding
gzip
x-proxy-me
nvp1-front-proxy-blue-75b6988ddf-vzzcp
content-length
399
pragma
no-cache
server
Kaltura
x-proxy-session
01f48853e9f3fcc7a22d689f6c59044e
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
expires
Tue, 04 Oct 2022 15:44:57 GMT
iframe.html
app.beyondwords.io/api/v2/projects/15943/podcasts/ Frame
0
0
Preflight
General
Full URL
https://app.beyondwords.io/api/v2/projects/15943/podcasts/iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.newsmax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PATCH, OPTIONS, DELETE, PUT
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
754f0ab52e955c1a-FRA
date
Tue, 04 Oct 2022 15:44:57 GMT
server
cloudflare
via
1.1 vegur
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.newsmax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.newsmax.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 04 Oct 2022 15:44:57 GMT
bid
ap.lijit.com/rtb/
25 B
650 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.1-c
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
ed7e5852ceeb267da57cadfc286148b62e673ffc14407100610e830dcedeafde

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 04 Oct 2022 15:44:57 GMT
pod
X-Sovrn-Pod: ad_ap6ams1
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://www.newsmax.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
25
cdb
bidder.criteo.com/
0
217 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=47751536804
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 04 Oct 2022 15:44:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.newsmax.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid-request
onetag-sys.com/
15 B
362 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.newsmax.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.76.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-76-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Tue, 04 Oct 2022 15:44:57 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.76.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-76-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Tue, 04 Oct 2022 15:44:57 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.76.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-76-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Tue, 04 Oct 2022 15:44:57 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.76.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-76-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Tue, 04 Oct 2022 15:44:57 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.76.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-76-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Tue, 04 Oct 2022 15:44:57 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.76.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-76-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Tue, 04 Oct 2022 15:44:57 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.76.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-76-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Tue, 04 Oct 2022 15:44:57 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.76.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-76-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Tue, 04 Oct 2022 15:44:57 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.76.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-76-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Tue, 04 Oct 2022 15:44:57 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
hb
ssc.33across.com/api/v1/
0
0

prebid
ib.adnxs.com/ut/v3/
19 B
707 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:44:57 GMT
AN-X-Request-Uuid
9187c268-888e-4821-84dc-f33096c5b1f8
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.newsmax.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
270 B
959 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
635d729c3d226e7d58807923b1ff1a729dd2cec3177fddcd3769013a8b400ee6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:44:57 GMT
AN-X-Request-Uuid
fa7b8c53-9173-47e5-9262-af9a9f5ebbce
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.newsmax.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
270
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/
1 KB
2 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2296f3bfa8bd7c753%22%3A%22d199cb3073a591b565b4%7C300x250%7Cgpid%3D%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%2C%2297cb6743a4da80a%22%3A%22d199cb3073a591b565b4%7C300x250%7Cgpid%3D%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%2C%229824ecb4386886f%22%3A%22d199cb3073a591b565b4%7C300x250%7Cgpid%3D%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%2C%22991b9f01e829037%22%3A%22d199cb3073a591b565b4%7C300x250%7Cgpid%3D%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%2C%221009ba0d349a6f24%22%3A%22d199cb3073a591b565b4%7C300x250%7Cgpid%3D%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%2C%2210157e460fef6778%22%3A%22d199cb3073a591b565b4%7C300x250%7Cgpid%3D%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%7D&ref=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&s=ef5ee499-8f12-45f9-993a-31b76a491d2c&pv=bfa05497-e610-4074-977c-46e826aadbec&vp=desktop&lib_name=prebid&lib_v=6.25.1-c&us=0&ius=1&gdpr=false&userid=%7B%22pubcid%22%3A%22eb3c68b9-8677-4494-bf39-e0c8f52e758e%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22eb3c68b9-8677-4494-bf39-e0c8f52e758e%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
ee249c7ad472fbe9edec0012b0d6fe7a74a8fe6f54a3e99eaef41d1be479b4fc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:44:57 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-15
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
632
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
ortb
bid.contextweb.com/header/
0
186 B
XHR
General
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
access-control-expose-headers
Access-Control-Allow-Origin
date
Tue, 04 Oct 2022 15:44:57 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
x-no-bid-reason
Passback by decision
fastlane.json
fastlane.rubiconproject.com/a/api/
387 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=291906&zone_id=1978904&size_id=15&gdpr=0&eid_pubcid.org=eb3c68b9-8677-4494-bf39-e0c8f52e758e%5E1&rf=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&tg_i.pbadslot=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=8ab7e40e-861a-4ed2-a404-90a17b3ce798&l_pb_bid_id=1102cf75f4ebf901&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&slots=1&rand=0.3273959350111648
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
474bcf4b49d387192ce59e0e19e9752c8bfc3cd4ff10f7e5aea128767bf5bba3

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:44:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsmax.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
387
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
387 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=291906&zone_id=1978904&size_id=15&gdpr=0&eid_pubcid.org=eb3c68b9-8677-4494-bf39-e0c8f52e758e%5E1&rf=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&tg_i.pbadslot=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=a7d8d4a1-7349-4995-a6bf-526f3409872c&l_pb_bid_id=111d049f611dfe06&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&slots=1&rand=0.33685547105135205
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2d332e67d82e8a227796de998fa93907a7be2cd91127d8e0c0a92db3931e399f

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:44:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsmax.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
387
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
387 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=291906&zone_id=1978904&size_id=15&gdpr=0&eid_pubcid.org=eb3c68b9-8677-4494-bf39-e0c8f52e758e%5E1&rf=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&tg_i.pbadslot=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=00449304-41ff-49af-879c-3eaa2b59435d&l_pb_bid_id=1129b315ccf1f17f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&slots=1&rand=0.7571810205600951
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
02b9598ecca4d1f80718fc51eed815241da495ae1146a668ab4883943add8511

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:44:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsmax.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
387
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
387 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=291906&zone_id=1978904&size_id=15&gdpr=0&eid_pubcid.org=eb3c68b9-8677-4494-bf39-e0c8f52e758e%5E1&rf=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&tg_i.pbadslot=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=5ee90a00-c677-4705-8cbf-ecf00c18d247&l_pb_bid_id=1134be24e0135828&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&slots=1&rand=0.7105288664166021
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e714fd0b969752b1021274b6983b1925d5cdee70fea0769846e5647ebc8f3e7a

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:44:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsmax.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
387
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
387 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=291906&zone_id=1978904&size_id=15&gdpr=0&eid_pubcid.org=eb3c68b9-8677-4494-bf39-e0c8f52e758e%5E1&rf=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&tg_i.pbadslot=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=373bcdd8-c73d-4abf-acd3-e4e724cc1d88&l_pb_bid_id=11498a01490e6dc4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&slots=1&rand=0.5548448535733999
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7b2217761e2247f5840ebb0fd21a1929327a7dd49ffc2df20921f6a767316973

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:44:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsmax.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
387
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
387 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=291906&zone_id=1978904&size_id=15&gdpr=0&eid_pubcid.org=eb3c68b9-8677-4494-bf39-e0c8f52e758e%5E1&rf=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&tg_i.pbadslot=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=93d92323-c093-4c81-afb8-b013c5df8da2&l_pb_bid_id=1157d1c9b5cbd509&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&slots=1&rand=0.0029552258470606496
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f2e25f609a24452019290acc97111ab741a871552aaa0d09f424f6c01ba8dc8c

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:44:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsmax.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
387
Expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/
0
163 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.newsmax.com
pragma
no-cache
date
Tue, 04 Oct 2022 15:44:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
arj
os4m-d.openx.net/w/1.0/
173 B
591 B
XHR
General
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8ab7e40e-861a-4ed2-a404-90a17b3ce798%2Ca7d8d4a1-7349-4995-a6bf-526f3409872c%2C00449304-41ff-49af-879c-3eaa2b59435d%2C5ee90a00-c677-4705-8cbf-ecf00c18d247%2C373bcdd8-c73d-4abf-acd3-e4e724cc1d88%2C93d92323-c093-4c81-afb8-b013c5df8da2&nocache=1664898297151&gdpr=0&pubcid=eb3c68b9-8677-4494-bf39-e0c8f52e758e&aus=300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250&divids=div-gpt-ad-newsfront-9e713434-87cb-4373-bbb4-b0a07af5ac92%2Cdiv-gpt-ad-newsfront-9a81c0f6-4fe7-455c-b0c5-50a8578a656c%2Cdiv-gpt-ad-newsfront-03ee2224-9534-4c08-b8cd-0377a3e433ae%2Cdiv-gpt-ad-newsfront-300c51ed-14d6-490e-8784-2461bfbef0f2%2Cdiv-gpt-ad-newsfront-4e920ea2-ad0f-4e57-a6fa-a84d458c9024%2Cdiv-gpt-ad-newsfront-7664ab2f-619e-4502-975e-9af649a0c3f1&aucs=%252F6305169%252FNewsmax%252FNewsmax%2523div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%2C%252F6305169%252FNewsmax%252FNewsmax%2523div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%2C%252F6305169%252FNewsmax%252FNewsmax%2523div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%2C%252F6305169%252FNewsmax%252FNewsmax%2523div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%2C%252F6305169%252FNewsmax%252FNewsmax%2523div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%2C%252F6305169%252FNewsmax%252FNewsmax%2523div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&auid=543966149%2C543966149%2C543966149%2C543966149%2C543966149%2C543966149
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
05ccc91826c3f2f9deb9a25bfdf78ea4a5b03838fdc07c18f37cd24922dd1853

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:44:57 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsmax.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/
38 B
564 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=728004&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221311566cc3d80a6a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A0%2C%22bu%22%3A6%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A6%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.1-c%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22132eeeb9f499bff3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22728004%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%7D%7D%2C%7B%22id%22%3A%221348af158d8284e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22728004%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%7D%7D%2C%7B%22id%22%3A%221363b5111e2419f2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22728004%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%7D%7D%2C%7B%22id%22%3A%22138d2ac3ccb5f3ac%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22728004%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%7D%7D%2C%7B%22id%22%3A%22140febb83fbf3c77%22%2C%22banner%22%3A%7B%22topfram
e%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22728004%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22728004%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%7D%7D%2C%7B%22id%22%3A%221425f2720fe28219%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22728004%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-newsfront-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22eb3c68b9-8677-4494-bf39-e0c8f52e758e%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e58407159c345de9546bddf80cf9c70225edffdd2f4057b56a94cdf862774d4

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fg4SEmMMxpGH1WPUeTNwDZLU%2B2PmIxqF2EUXNGtgf1LiBEAqzFb4bIPae3CgACTrTcTquqtaJ6qdPUh1bSZzxelnIFLyKiz1oAYJCrPwW0WVkjkR4nl50giOf7gIUIzlZsH7PZpT"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
754f0ab61b6e9a0f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
translator
hbopenbid.pubmatic.com/
0
116 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Tue, 04 Oct 2022 15:44:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
sponsoredheadline.ashx
www.newsmax.com/cmspages/newsmax/handlers/
2 KB
2 KB
XHR
General
Full URL
https://www.newsmax.com/cmspages/newsmax/handlers/sponsoredheadline.ashx?&Url=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/js/jquery-3.2.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
36b1ac5c7e7aa03590a7d7231f838bac2df8bc2691c176326d87792a0d1a469a
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
gzip
date
Tue, 04 Oct 2022 15:44:57 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=30, origin; dur=124
content-length
944
x-ua-compatible
IE=edge
last-modified
Tue, 04 Oct 2022 15:44:57 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=276
expires
Tue, 04 Oct 2022 15:49:33 GMT
ecomms.ashx
www.newsmax.com/cmspages/newsmax/handlers/
781 B
1 KB
XHR
General
Full URL
https://www.newsmax.com/cmspages/newsmax/handlers/ecomms.ashx?sitename=newsmax&Url=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/js/jquery-3.2.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9d54ebc199fd630a42278a0ac270926d9f152c5bdd381c94b9e02d4b3b12ae35
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
gzip
date
Tue, 04 Oct 2022 15:44:57 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=20, origin; dur=341
content-length
346
x-ua-compatible
IE=edge
last-modified
Tue, 04 Oct 2022 15:44:57 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=262
expires
Tue, 04 Oct 2022 15:49:19 GMT
/
www.facebook.com/tr/ Frame D41B
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.newsmax.com
Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.newsmax.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 15:44:57 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
AGSKWxVdFeO1Y7icBSUUMt8GB4KwnXcyLRYeiB2vZ72DOSIfaqpVKwEeLL103BNCITH_iVzIboh5krPmPNFE21Zcry0L_a16TKQP7g6l4Y2k5lt3w-BjCg5ZUICu7CkFgRw3jRXcQkgbeQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVdFeO1Y7icBSUUMt8GB4KwnXcyLRYeiB2vZ72DOSIfaqpVKwEeLL103BNCITH_iVzIboh5krPmPNFE21Zcry0L_a16TKQP7g6l4Y2k5lt3w-BjCg5ZUICu7CkFgRw3jRXcQkgbeQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.NrqtIznzcIg.es5.O/d=1/rs=AJlcJMzfAKxadiXCq04YjmdNGbfdiHEGbg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Qtabstzx2kODfLCHlg1uJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 04 Oct 2022 15:44:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-Qtabstzx2kODfLCHlg1uJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.newsmax.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame 4A55
851 B
677 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=b62bf863e6eaf7c8f5a81757f931cc5d32d62abf
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.newsmax.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time
106
date
Tue, 04 Oct 2022 15:44:57 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Tue, 04 Oct 2022 15:44:57 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
f6b165f83387442b
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
9538ef22530939a6ca4c5d0e08dc47629d5094e449c2f74b5862a7223ee47475
content-length
355
15943
audio.beyondwords.io/r/ Frame
0
0
Preflight
General
Full URL
https://audio.beyondwords.io/r/15943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PATCH, OPTIONS, DELETE, PUT
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
754f0ab78bd25c1a-FRA
date
Tue, 04 Oct 2022 15:44:57 GMT
server
cloudflare
via
1.1 vegur
pixel_de49d3a
www.newsmax.com/akam/13/
0
650 B
XHR
General
Full URL
https://www.newsmax.com/akam/13/pixel_de49d3a
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/akam/13/de49d3a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 04 Oct 2022 15:44:57 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=5
content-length
0
content-type
text/html
e23df4aec54a4aa6b1c3dcb70cb51c68
i.liadm.com/s/e/a-026z/0/ Frame 46F6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-026z%2F0%2Fe23df4aec54a4aa6b1c3dcb70cb51c68%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&74bf5089-c857-4ee3-a063-367...
  • https://i.liadm.com/s/e/a-026z/0/e23df4aec54a4aa6b1c3dcb70cb51c68?mpid=7156&muid=8765633c-54f9-4200-8159-6c977aa79157
43 B
274 B
Image
General
Full URL
https://i.liadm.com/s/e/a-026z/0/e23df4aec54a4aa6b1c3dcb70cb51c68?mpid=7156&muid=8765633c-54f9-4200-8159-6c977aa79157
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01gehtqt08742pagzsfxapn8vt&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
3.212.123.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-123-192.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:57 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Date
Tue, 04 Oct 2022 15:44:57 GMT
Server
MT3 4525 e1952b7 master cdg-pixel-x30 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://i.liadm.com/s/e/a-026z/0/e23df4aec54a4aa6b1c3dcb70cb51c68?mpid=7156&muid=8765633c-54f9-4200-8159-6c977aa79157
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 04 Oct 2022 15:44:56 GMT
generic
match.adsrvr.org/track/cmf/ Frame 46F6
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01gehtqt08742pagzsfxapn8vt&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 04 Oct 2022 15:44:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
52164
i.liadm.com/s/ Frame 46F6
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=74bf5089-c857-4ee3-a063-367df98f551d&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=74bf5089-c857-4ee3-a063-367df98f551d&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=85c593c9-995f-4c2c-8115-084123a5db38
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=74bf5089-c857-4ee3-a063-367df98f551d
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=liveintent&bsw_param=85c593c9-995f-4c2c-8115-084123a5db38&google_hm=ODVjNTkzYzktOTk1Zi00YzJjLTgxMTUtMDg0MTIzYTVkYjM4
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKtjVAL75Z0Oge4jYXAB_TU&google_cver=1&ssp=liveintent&bsw_param=85c593c9-995f-4c2c-8115-084123a5db38
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=85c593c9-995f-4c2c-8115-084123a5db38
43 B
436 B
Image
General
Full URL
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=85c593c9-995f-4c2c-8115-084123a5db38
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01gehtqt08742pagzsfxapn8vt&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
3.212.123.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-123-192.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:58 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
//i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=85c593c9-995f-4c2c-8115-084123a5db38
Date
Tue, 04 Oct 2022 15:44:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
e23df4aec54a4aa6b1c3dcb70cb51c68
i.liadm.com/s/e/a-026z/0/ Frame 46F6
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=74bf5089-c857-4ee3-a063-367df98f551d&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-026z%2F0%2Fe23df4aec54a4aa6b1c3dcb70cb51c68%3Fmpid%3D82775%26muid%3D%2...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=74bf5089-c857-4ee3-a063-367df98f551d&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-026z%2F0%2Fe23df4aec54a4aa6b1c3dcb70cb51c68%3Fmp...
  • https://i.liadm.com/s/e/a-026z/0/e23df4aec54a4aa6b1c3dcb70cb51c68?mpid=82775&muid=56430450375790623322768703582299557563
43 B
274 B
Image
General
Full URL
https://i.liadm.com/s/e/a-026z/0/e23df4aec54a4aa6b1c3dcb70cb51c68?mpid=82775&muid=56430450375790623322768703582299557563
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01gehtqt08742pagzsfxapn8vt&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
3.212.123.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-123-192.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:58 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

DCS
dcs-prod-irl1-2-v044-00b67553b.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
rqJRYaN4Rm4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://i.liadm.com/s/e/a-026z/0/e23df4aec54a4aa6b1c3dcb70cb51c68?mpid=82775&muid=56430450375790623322768703582299557563
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
live_intent_sync
x.dlx.addthis.com/e/ Frame 46F6
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=74bf5089-c857-4ee3-a063-367df98f551d
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=74bf5089-c857-4ee3-a063-367df98f551d&rd=Y
43 B
604 B
Image
General
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=74bf5089-c857-4ee3-a063-367df98f551d&rd=Y
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01gehtqt08742pagzsfxapn8vt&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires
Tue, 04 Oct 2022 15:44:58 GMT
pragma
no-cache
date
Tue, 04 Oct 2022 15:44:58 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=74bf5089-c857-4ee3-a063-367df98f551d&rd=Y
pragma
no-cache
date
Tue, 04 Oct 2022 15:44:58 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Tue, 04 Oct 2022 15:44:58 GMT
/
trc.taboola.com/sg/liveintent/1/cm/ Frame 46F6
43 B
368 B
Image
General
Full URL
https://trc.taboola.com/sg/liveintent/1/cm/
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01gehtqt08742pagzsfxapn8vt&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 04 Oct 2022 15:44:57 GMT
via
1.1 varnish
x-served-by
cache-fra19122-FRA
server
nginx
x-timer
S1664898298.766598,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
35004
i6.liadm.com/s/ Frame 46F6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
  • https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
43 B
436 B
Image
General
Full URL
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01gehtqt08742pagzsfxapn8vt&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:2ffc:e2b0:e092:1f2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:58 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Date
Tue, 04 Oct 2022 15:44:58 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
7
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Tue, 04 Oct 2022 15:44:57 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
a.m3u8
cdnapisec.kaltura.com/p/2216081/sp/221608100/playManifest/entryId/1_y3kljhtk/protocol/https/format/applehttp/flavorIds/1_hpb0jxct,1_xc9gqf41,1_uocsyx0p,1_03iwys50,1_139jf12x/
2 KB
1 KB
XHR
General
Full URL
https://cdnapisec.kaltura.com/p/2216081/sp/221608100/playManifest/entryId/1_y3kljhtk/protocol/https/format/applehttp/flavorIds/1_hpb0jxct,1_xc9gqf41,1_uocsyx0p,1_03iwys50,1_139jf12x/a.m3u8?uiConfId=46496733&playSessionId=bc72eab4-45c9-db43-839c-07c56952bace:1b95a569-934a-c2c8-a279-6b6fecc7d855&referrer=aHR0cHM6Ly93d3cubmV3c21heC5jb20vbmV3c2Zyb250L2RlZmVuc2UtY29udHJhY3Rvci1yYW5zb213YXJlLzIwMjIvMDkvMjkvaWQvMTA4OTYwNi8=&clientTag=html5:v7.52
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:586::10fe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Kaltura /
Resource Hash
369a7ee6d88f5060007cfc65ea6ce370195e119115086b0c1487d807c2ce267e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-kaltura
cached-dispatcher,playManifest-44652233606121ed91c46ddf7db252ca,0.0020279884338379
x-me
ny-nvp1-fapi-9502
date
Tue, 04 Oct 2022 15:44:57 GMT
content-encoding
gzip
x-proxy-me
nvp1-front-proxy-blue-75b6988ddf-wkwcl
content-length
690
pragma
no-cache
server
Kaltura
x-proxy-session
72179acf230b11206a42982fbc1f9f4f
vary
Accept-Encoding
content-type
application/x-mpegurl
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
expires
Tue, 04 Oct 2022 15:44:57 GMT
delivery.js
assets.newsmaxwidget.com/master/
153 KB
49 KB
Script
General
Full URL
https://assets.newsmaxwidget.com/master/delivery.js
Requested by
Host: static.newsmaxfeednetwork.com
URL: https://static.newsmaxfeednetwork.com/web-clients/bootloaders/ZlB6kIzR8vJVn32BbZzMWv/bootloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46efe17f97002eda505906faf1d633f7e985ca269903e54ce250eb0194f08330

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:57 GMT
content-encoding
gzip
last-modified
Tue, 04 Oct 2022 15:06:56 GMT
server
AmazonS3
x-amz-request-id
ZWH4ZWBGZS7M59GZ
etag
"37628ce0c4b9a9ed51091ab43510fa0a"
x-hw
1664898297.cds161.fr8.hn,1664898297.cds288.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
49675
x-amz-id-2
Olp+VNEyLj2/rY9ZqZoCzdnf4L8hvEHvvlxBCm2OE/rZndiETSuWRfnWFdX/6E9ya43lSuS3Ygs=
generic
trends.newsmaxwidget.com/event/
0
182 B
Image
General
Full URL
https://trends.newsmaxwidget.com/event/generic?t=e0BexIGnHI9%2BpNjG49wkYEyVM4y3BQNxwkTNY7a7dgvvBvz6%2FYgrimsvlkxxk7S%2BA%2FaojW3WOF3%2FGbHkr3qzjPKHxbgzvCAowRUaLS4dKWY%3D&e=adapty&s[ref]=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&s[hash]=ZlB6kIzR8vJVn32BbZzMWv
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.231.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-231-255.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Oct 2022 15:45:05 GMT
strict-transport-security
max-age=931536000; includeSubDomains
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
ads
pubads.g.doubleclick.net/gampad/ Frame B756
18 KB
4 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F6305169%2FNewsmax%2FVideo%2FArticle-Lead&description_url=http%3Anewsmax.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&vpos=preroll&unviewed_position_start=1&env=vp&correlator=2376194018972266&vpa=auto&vpmute=1&sdkv=h.3.536.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=kaltura-player-js&mpv=7.52&sdki=445&ptt=20&adk=370179413&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.536.0&sid=AEFF878B-7968-4F56-8816-0DE7BB380C36&nel=0&eid=44748969%2C44750824%2C44760950%2C44765701%2C44770825&url=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&dlt=1664898294927&idt=2471&dt=1664898297635&cookie_enabled=1&scor=1883501113420941&ged=ve4_td3_tt1_pd3_la3000_er515.330.668.630_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.536.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e2f94dd3ef47389ec3ffc1ce3ee271070c516adf9fe0612693a32d494539442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3462
x-xss-protection
0
google-lineitem-id
6085066446
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138400871492
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
15943
audio.beyondwords.io/cf/
3 KB
1 KB
Fetch
General
Full URL
https://audio.beyondwords.io/cf/15943?article_url=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F
Requested by
Host: proxy.beyondwords.io
URL: https://proxy.beyondwords.io/npm/@beyondwords/audio-player@latest/dist/module/iframe-helper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ab90642825c014ef29392ec34fb8fe622a3fa0e70ff730739b9b51433875f4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Tue, 04 Oct 2022 15:44:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 vegur
x-permitted-cross-domain-policies
none
content-encoding
gzip
x-xss-protection
1; mode=block
x-request-id
d0e31a13-8657-4124-9c8f-b4754ed31c4a
x-runtime
0.005925
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"6ab90642825c014ef29392ec34fb8fe6"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, PATCH, OPTIONS, DELETE, PUT
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=300
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
cf-ray
754f0ab90eae5c1a-FRA
expires
Tue, 04 Oct 2022 15:49:57 GMT
15943
audio.beyondwords.io/cf/ Frame
0
0
Preflight
General
Full URL
https://audio.beyondwords.io/cf/15943?article_url=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.newsmax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PATCH, OPTIONS, DELETE, PUT
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
754f0ab87dc45c1a-FRA
date
Tue, 04 Oct 2022 15:44:57 GMT
server
cloudflare
via
1.1 vegur
151.67aec2e0546e639563bb.js
s7.addthis.com/static/
2 KB
1 KB
Script
General
Full URL
https://s7.addthis.com/static/151.67aec2e0546e639563bb.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Tue, 04 Oct 2022 15:44:57 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-68f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
815
shares-post.json
api-public.addthis.com/url/serviceapi/
2 B
299 B
XHR
General
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
date
Tue, 04 Oct 2022 15:44:57 GMT
surrogate-key
sFbt=https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
last-modified
Tue, 04 Oct 2022 15:00:00 GMT
server
nginx/1.15.8
content-type
application/json
access-control-allow-origin
https://www.newsmax.com
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
index.m3u8
nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_hpb0jxct/name/a.mp4/
6 KB
1 KB
XHR
General
Full URL
https://nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_hpb0jxct/name/a.mp4/index.m3u8
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-210.deploy.static.akamaitechnologies.com
Software
Kaltura /
Resource Hash
2b2c957745440adc52354dd268fde433c9261b0aa7e681dc07631a5e5bc62589

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:57 GMT
Content-Encoding
gzip
X-Vod-Session
2010502690
X-Amz-Cf-Pop
FRA2-C2
X-Proxy-Me
nvp1-vod-proxy-blue-84ccc4f466-4bjlb
Connection
keep-alive
Akamai-Mon-Iucid-Del
555551
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
385
Pragma
no-cache
Last-Modified
Sun, 19 Nov 2000 08:52:00 GMT
Server
Kaltura
X-Proxy-Session
8b535bdb52a2e7783e3ce8e59deeaa96
ETag
W/"3a1794b0-179b"
Vary
Accept-Encoding
X-Vod-Me
nvp1-vod-packager-blue-78fcd744db-9m6mz
Content-Type
application/x-mpegURL
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
1UaaDY1VEc7qdlJfbXASMT9ViZbdPRVFCM_9ayW1j6Zh2zo1VLPDvw==
Expires
Tue, 04 Oct 2022 15:44:57 GMT
a.m3u8
nmxvod.akamaized.net/api_v3/index.php/service/caption_captionasset/action/serveWebVTT/captionAssetId/1_gznt5h8r/segmentDuration/300/ks/djJ8MjIxNjA4MXw1vMyW4duOk_c4X31tUMnC2wbuZ9JCc497ugJQaFidvHrvNF...
192 B
1 KB
XHR
General
Full URL
https://nmxvod.akamaized.net/api_v3/index.php/service/caption_captionasset/action/serveWebVTT/captionAssetId/1_gznt5h8r/segmentDuration/300/ks/djJ8MjIxNjA4MXw1vMyW4duOk_c4X31tUMnC2wbuZ9JCc497ugJQaFidvHrvNFLmnBnSQXnPuoH9G923bBo5LQjxluQCFz07IkGSSKgxx0HfHfVEcMBjpYVmbnPw8gnz0XtlAilO0Un73bDRjAs3FStHan6mkmULC8c3Fw5sJeeptwFdp-z6mg_wigypUYnXgZenLqhadIWbaqGOCzj-rdDHoccj7d2x7lHtA5twNa2ZD8_z8baeZZQgitGwat7PvNg4AaMIw8nGewo0RUUopbFojGYhaj3HUKvd/a.m3u8
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-210.deploy.static.akamaitechnologies.com
Software
Kaltura /
Resource Hash
5eea0d69b6b760b55d4978397654401fafba2d8d5ddc8494f9e44386bd80b7f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-Kaltura
cached-dispatcher,cache_v3-27920ec4fe2c3762afafa27a58dbbdfb,0.0029110908508301
X-Me
ny-nvp1-fapi-fad3
Date
Tue, 04 Oct 2022 15:44:58 GMT
Content-Encoding
gzip
X-Vod-Session
1375698608
X-Amz-Cf-Pop
FRA60-P2
X-Proxy-Me
nvp1-vod-proxy-blue-84ccc4f466-hz4dm
Connection
keep-alive
Akamai-Mon-Iucid-Del
555551
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
144
Pragma
no-cache
Last-Modified
Sun, 19 Nov 2000 08:52:00 GMT
Server
Kaltura
X-Proxy-Session
037ed618bed29eea419d2125034eaec7
Vary
Accept-Encoding
X-Vod-Me
nvp1-vod-packager-blue-78fcd744db-mwj55
Content-Type
application/x-mpegURL
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
YdHtvAiDmqeiyFlZ1O9T55pFR67N-ssyuI-_oTg005TwH-aDwH9nCA==
Expires
Tue, 04 Oct 2022 15:44:58 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1382391859&t=event&_s=3&dl=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&ul=en-us&de=UTF-8&dt=US%20Defense%20Contractor%20Victimized%20by%20Ransomware%20Attack%20%7C%20Newsmax.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Kaltura%20Video%20Events&ea=media%20ready&el=2216081%20%7C%2046496733%20%7C%201_y3kljhtk%20%7C%20%27Hoekstra%3A%20Colonial%20Pipeline%20Attack%20an%20%E2%80%98Act%20of%20War%E2%80%99%27&_u=aGDAAUABAAAAAGAAI~&jid=&gjid=&cid=295364473.1664898296&tid=UA-31221-55&_gid=1513219398.1664898296&gtm=2ou9s0&z=335385750
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 00:11:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56010
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a22f715ea2ed8254704281198af4a3691f2e1213b3410853b10ec5a8bace8b8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d272b68a38f3d814db3b9f44190f6ab2dbba43f42363a13e82959fc791bc8ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:57 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
971
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
754f0ab98f925c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 03 Nov 2022 15:44:57 GMT
5249085
audio.beyondwords.io/e/ Frame A1CE
9 KB
4 KB
Document
General
Full URL
https://audio.beyondwords.io/e/5249085
Requested by
Host: proxy.beyondwords.io
URL: https://proxy.beyondwords.io/npm/@beyondwords/audio-player@latest/dist/module/iframe-helper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
276daab8f2d3f47dee4db846d397bdcfda65240f86e156213affe59063b28703
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=300
cf-cache-status
MISS
cf-ray
754f0aba3f4b9b9b-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 04 Oct 2022 15:44:58 GMT
expires
Tue, 04 Oct 2022 15:49:58 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Accept-Encoding
via
1.1 vegur
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
33f80a70-638c-474f-9da2-fd03a281a11f
x-runtime
0.031944
x-xss-protection
1; mode=block
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/
199 KB
61 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5eb141717f51c44f96058d241cfd4183c21632385e0b9fa1163ca9d8f7f606d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
content-encoding
gzip
last-modified
Fri, 08 Jul 2022 20:07:19 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=169344
accept-ranges
bytes
content-length
62062
expires
Thu, 06 Oct 2022 14:47:22 GMT
seg-1-v1-a1.ts
nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_hpb0jxct/name/a.mp4/
162 KB
163 KB
XHR
General
Full URL
https://nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_hpb0jxct/name/a.mp4/seg-1-v1-a1.ts
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-210.deploy.static.akamaitechnologies.com
Software
Kaltura /
Resource Hash
7564f08f674aae1a3f496f08d60c47cd0d12bf264925f1339f180e39afe406ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:58 GMT
X-Vod-Session
1699111287
X-Amz-Cf-Pop
FRA6-C1
X-Proxy-Me
nvp1-vod-proxy-blue-84ccc4f466-kclj6
Connection
keep-alive
Akamai-Mon-Iucid-Del
555551
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
165816
Last-Modified
Sun, 19 Nov 2000 08:52:00 GMT
Server
Kaltura
X-Proxy-Session
e27d7c527ed6293c1dbb7cec1ff7d4fa
ETag
"3a1794b0-287b8"
Access-Control-Max-Age
86400
X-Vod-Me
nvp1-vod-packager-blue-78fcd744db-9m6mz
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=30981721
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
MK1A-A6kx3CPjidp4MEoqQ6cvUrJeWH6HGVwJjRdfCrDr7Y0hg8O2A==
Expires
Thu, 28 Sep 2023 05:46:59 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame B756
156 B
142 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F8570%2C6305169%2Fnewsmaxmedia%2Fnewsmax-14379-video-ads-desktop&description_url=http%3A%2F%2Fnewsmax.com&tfcd=0&npa=0&sz=324x184%7C400x300%7C444x250%7C600x252%7C640x360%7C640x480&min_ad_duration=5000&max_ad_duration=64000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2376194018972266&vpa=auto&vpmute=1&sdkv=h.3.536.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=kaltura-player-js&mpv=7.52&sdki=445&ptt=20&adk=370179413&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.536.0&sid=AEFF878B-7968-4F56-8816-0DE7BB380C36&nel=0&eid=44748969%2C44750824%2C44760950%2C44765701%2C44770825&url=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&dlt=1664898294927&idt=2471&dt=1664898298018&cookie_enabled=1&scor=1883501113420941&fbidx=-1&ged=ve4_td3_tt1_pd3_la3000_er515.330.668.630_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.536.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
kampyle.js
fundingchoicesmessages.google.com/f/AGSKWxVBz90JKUkFcF2smXO0QySrSo1rgI2alrCEv2Df3KngkQNSPDtYMnsi6xT36HFMQXEcz2QgZ8Kr8FPpOC0XQnP-wwOQMLAF4MEQEu1QlTZLb_J2JrOKw06y_BQMZDsA-jdFHrWg2ca0AwFT8aO0_RhhhZV3D...
54 B
110 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVBz90JKUkFcF2smXO0QySrSo1rgI2alrCEv2Df3KngkQNSPDtYMnsi6xT36HFMQXEcz2QgZ8Kr8FPpOC0XQnP-wwOQMLAF4MEQEu1QlTZLb_J2JrOKw06y_BQMZDsA-jdFHrWg2ca0AwFT8aO0_RhhhZV3DV6ev-8iPXb-tg7F4TdZb_tX3Iu1e86B/_-ads/728x/adblock_detect._feast_ad./ad_bot./kampyle.js
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.NrqtIznzcIg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzfAKxadiXCq04YjmdNGbfdiHEGbg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
74782709255647085624bba4a86908758fcb0035caa88f809df9d973842cd41a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-w55n9cwi4fzPwPNGVN1iww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-w55n9cwi4fzPwPNGVN1iww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
lidar.js
pagead2.googlesyndication.com/pagead/js/
81 KB
29 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.NrqtIznzcIg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzfAKxadiXCq04YjmdNGbfdiHEGbg/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0ddac4328f668ae559b444a15079cc6b8abf5e267a9031470db71a497124746
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
2143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29492
x-xss-protection
0
server
cafe
etag
9946551676861215416
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 16:09:15 GMT
AGSKWxVdFeO1Y7icBSUUMt8GB4KwnXcyLRYeiB2vZ72DOSIfaqpVKwEeLL103BNCITH_iVzIboh5krPmPNFE21Zcry0L_a16TKQP7g6l4Y2k5lt3w-BjCg5ZUICu7CkFgRw3jRXcQkgbeQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVdFeO1Y7icBSUUMt8GB4KwnXcyLRYeiB2vZ72DOSIfaqpVKwEeLL103BNCITH_iVzIboh5krPmPNFE21Zcry0L_a16TKQP7g6l4Y2k5lt3w-BjCg5ZUICu7CkFgRw3jRXcQkgbeQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.NrqtIznzcIg.es5.O/d=1/rs=AJlcJMzfAKxadiXCq04YjmdNGbfdiHEGbg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BUPKQ8Jx_4HhKQTz8leDpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-BUPKQ8Jx_4HhKQTz8leDpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.newsmax.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.adtelligent.com/adunit/
0
226 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x462471/hbw_master_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.newsmax.com
Date
Tue, 04 Oct 2022 15:44:57 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
js
www.googletagmanager.com/gtag/ Frame A1CE
212 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N8K3K3VS5M
Requested by
Host: audio.beyondwords.io
URL: https://audio.beyondwords.io/e/5249085
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
650e616ed2d6502d6c4bf9f583b548a94595d509b44d92f4599c78b3f7ad26a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audio.beyondwords.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75624
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 04 Oct 2022 15:44:58 GMT
bundle.min.js
browser.sentry-cdn.com/5.19.0/ Frame A1CE
57 KB
17 KB
Script
General
Full URL
https://browser.sentry-cdn.com/5.19.0/bundle.min.js
Requested by
Host: audio.beyondwords.io
URL: https://audio.beyondwords.io/e/5249085
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
17b100a07eaf050f9955f6ded96ceac0cec7bf008cb3fc78e32fb70af65eaf7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://audio.beyondwords.io/
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 01 Jul 2020 14:52:33 GMT
server
Fastly
age
4174607
etag
"99b288bb0b24464f9d01497e633c6f85"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
17644
expires
Thu, 17 Aug 2023 08:08:10 GMT
238e9dcb-b4fd-437e-974c-d867c4e96354
https://www.newsmax.com/
83 KB
0
Other
General
Full URL
blob:https://www.newsmax.com/238e9dcb-b4fd-437e-974c-d867c4e96354
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c2cef039dcde9a75df5aad98b9285b442d53befa897ed6e6ae83fc1156c9538

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length
85425
Content-Type
text/javascript
AGSKWxVdFeO1Y7icBSUUMt8GB4KwnXcyLRYeiB2vZ72DOSIfaqpVKwEeLL103BNCITH_iVzIboh5krPmPNFE21Zcry0L_a16TKQP7g6l4Y2k5lt3w-BjCg5ZUICu7CkFgRw3jRXcQkgbeQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVdFeO1Y7icBSUUMt8GB4KwnXcyLRYeiB2vZ72DOSIfaqpVKwEeLL103BNCITH_iVzIboh5krPmPNFE21Zcry0L_a16TKQP7g6l4Y2k5lt3w-BjCg5ZUICu7CkFgRw3jRXcQkgbeQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.NrqtIznzcIg.es5.O/d=1/rs=AJlcJMzfAKxadiXCq04YjmdNGbfdiHEGbg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--TLhFDTkHHWpNAm8s34NLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
content-security-policy
script-src 'report-sample' 'nonce--TLhFDTkHHWpNAm8s34NLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.newsmax.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
trends.newsmaxwidget.com/api/demand/
0
0

sync
trends.newsmaxwidget.com/
0
0
Fetch
General
Full URL
https://trends.newsmaxwidget.com/sync
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.231.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-231-255.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Tue, 04 Oct 2022 15:44:58 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
server
openresty
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
index.m3u8
nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_139jf12x/name/a.mp4/
6 KB
1 KB
XHR
General
Full URL
https://nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_139jf12x/name/a.mp4/index.m3u8
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-210.deploy.static.akamaitechnologies.com
Software
Kaltura /
Resource Hash
dc33ab5ce99ed2996fe73ca5d4f6ddbe656ca885dc8a7f9489615a89ed3b674f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:58 GMT
Content-Encoding
gzip
X-Vod-Session
1671144184
X-Amz-Cf-Pop
FRA2-C2
X-Proxy-Me
nvp1-vod-proxy-blue-84ccc4f466-cqsrd
Connection
keep-alive
Akamai-Mon-Iucid-Del
555551
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
383
Pragma
no-cache
Last-Modified
Sun, 19 Nov 2000 08:52:00 GMT
Server
Kaltura
X-Proxy-Session
940a737c55537e5928f16fbeed4c144d
ETag
W/"3a1794b0-179b"
Vary
Accept-Encoding
X-Vod-Me
nvp1-vod-packager-blue-78fcd744db-7rhsx
Content-Type
application/x-mpegURL
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
mkpFppdAWE_31ZBHYucn9PMn6MYkC29dYqzGStbezsgnW6t3VrngvQ==
Expires
Tue, 04 Oct 2022 15:44:58 GMT
index.php
analytics.kaltura.com/api_v3/
48 B
636 B
XHR
General
Full URL
https://analytics.kaltura.com/api_v3/index.php?service=analytics&action=trackEvent&apiVersion=3.3.0&format=1&actualBitrate=466.46484375&eventType=43&partnerId=2216081&entryId=1_y3kljhtk&sessionId=bc72eab4-45c9-db43-839c-07c56952bace%3A1b95a569-934a-c2c8-a279-6b6fecc7d855&eventIndex=2&referrer=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&deliveryType=hls&playbackType=vod&clientVer=7.52&clientTag=html5%3Av7.52&position=0&playbackSpeed=1&caption=off&sessionStartTime=1664898297.598&ks=djJ8MjIxNjA4MXyQLJbLXvso_IWxZJuWGplIHXDT0BLyFl2sN3-as_HD_b-5yHXMPm6HheUB0xX53FEnU96xIddh4tbiEJkhm9Pl7RB3c3h9Q6JeyVfGSmIOKA%3D%3D&uiConfId=46496733
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.189.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-189-41.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
59315b76b4d26f85c9d930c19cb03f4270c22cd231f07dc2ec02ec01ba2fee98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:58 GMT
Server
nginx
X-Kava-Me
ip-172-30-36-72
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
https://www.newsmax.com
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin,Range,Accept-Encoding,Referer,Cache-Control,User-Agent,Content-Type
Expires
Tue, 04 Oct 2022 15:44:57 GMT
truncated
/
580 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94fe5789e3193c255373bd10c0750fa641da6a97a73640deca1702b54be9bcae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B756
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
index.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc21/dist/module/ Frame A1CE
163 B
818 B
Script
General
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc21/dist/module/index.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e7ca4dd09e4b37f976bba7e9545a637a2ef41984d7728f6cda6ed35a11bff5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://audio.beyondwords.io/
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14075
x-jsd-version
0.0.6-rc21
via
1.1 vegur
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
content-length
151
x-served-by
cache-fra19128-FRA, cache-mia11384-MIA
x-jsd-version-type
version
server
cloudflare
etag
W/"a3-X/4FNbdECLc/nKRb0/7yTIzaFTk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyfGLEHAUQcu%2B99BUh3xwKcl3FPSqgzPXEGBs2Bx409sM5OLbhQQm%2Bwj3rdNlTUXReO5jW5N5tZ43qr6DoREfW3FSGtmU960L94EFqipMe0%2Bq8sNEaDl8HYyd4niULaoFoM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cf-ray
754f0abcbe2c5c1a-FRA
expires
Tue, 11 Oct 2022 15:44:58 GMT
index.m3u8
nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_03iwys50/name/a.mp4/
6 KB
1 KB
XHR
General
Full URL
https://nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_03iwys50/name/a.mp4/index.m3u8
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-210.deploy.static.akamaitechnologies.com
Software
Kaltura /
Resource Hash
09975b6ceebf99b72832eac3a8ac87baf06e40dfb9c8d8c90328c828ff843896

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:58 GMT
Content-Encoding
gzip
X-Vod-Session
1926741511
X-Amz-Cf-Pop
FRA6-C1
X-Proxy-Me
nvp1-vod-proxy-blue-84ccc4f466-hz4dm
Connection
keep-alive
Akamai-Mon-Iucid-Del
555551
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
384
Pragma
no-cache
Last-Modified
Sun, 19 Nov 2000 08:52:00 GMT
Server
Kaltura
X-Proxy-Session
622cc03c8eaa4b5209f58156e34918a0
ETag
W/"3a1794b0-179b"
Vary
Accept-Encoding
X-Vod-Me
nvp1-vod-packager-blue-78fcd744db-mm9qg
Content-Type
application/x-mpegURL
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
0xPl3ON-vubBV2bLrGqIq3h0ZzgrZS6YW3Vap2kLgsf3DvgT_uPSQQ==
Expires
Tue, 04 Oct 2022 15:44:58 GMT
index.php
analytics.kaltura.com/api_v3/
48 B
636 B
XHR
General
Full URL
https://analytics.kaltura.com/api_v3/index.php?service=analytics&action=trackEvent&apiVersion=3.3.0&format=1&eventType=2&partnerId=2216081&entryId=1_y3kljhtk&sessionId=bc72eab4-45c9-db43-839c-07c56952bace%3A1b95a569-934a-c2c8-a279-6b6fecc7d855&eventIndex=3&referrer=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&deliveryType=hls&playbackType=vod&clientVer=7.52&clientTag=html5%3Av7.52&position=0.0101&playbackSpeed=1&caption=off&sessionStartTime=1664898297.598&ks=djJ8MjIxNjA4MXyQLJbLXvso_IWxZJuWGplIHXDT0BLyFl2sN3-as_HD_b-5yHXMPm6HheUB0xX53FEnU96xIddh4tbiEJkhm9Pl7RB3c3h9Q6JeyVfGSmIOKA%3D%3D&uiConfId=46496733
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.189.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-189-41.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a609023143f5e67e47d928aa98b95cd08e11817162df3102fbbb56b4a1a5b51e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:58 GMT
Server
nginx
X-Kava-Me
ip-172-30-36-72
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
https://www.newsmax.com
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin,Range,Accept-Encoding,Referer,Cache-Control,User-Agent,Content-Type
Expires
Tue, 04 Oct 2022 15:44:57 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1382391859&t=event&_s=4&dl=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&ul=en-us&de=UTF-8&dt=US%20Defense%20Contractor%20Victimized%20by%20Ransomware%20Attack%20%7C%20Newsmax.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Kaltura%20Video%20Events&ea=play&el=2216081%20%7C%2046496733%20%7C%201_y3kljhtk%20%7C%20%27Hoekstra%3A%20Colonial%20Pipeline%20Attack%20an%20%E2%80%98Act%20of%20War%E2%80%99%27&ev=1&_u=aGDAAUABAAAAAGAAI~&jid=&gjid=&cid=295364473.1664898296&tid=UA-31221-55&_gid=1513219398.1664898296&gtm=2ou9s0&z=414396334
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 00:11:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56011
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1382391859&t=event&_s=5&dl=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&ul=en-us&de=UTF-8&dt=US%20Defense%20Contractor%20Victimized%20by%20Ransomware%20Attack%20%7C%20Newsmax.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Kaltura%20Video%20Events&ea=first%20play&el=2216081%20%7C%2046496733%20%7C%201_y3kljhtk%20%7C%20%27Hoekstra%3A%20Colonial%20Pipeline%20Attack%20an%20%E2%80%98Act%20of%20War%E2%80%99%27&_u=aGDAAUABAAAAAGAAI~&jid=&gjid=&cid=295364473.1664898296&tid=UA-31221-55&_gid=1513219398.1664898296&gtm=2ou9s0&z=530858293
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 00:11:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56011
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
p
sb.scorecardresearch.com/
43 B
264 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=9248945&ns_type=hidden&ns_st_sv=6.3.0.180917&ns_st_pv=3.0.1&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1664898297758&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=10&ns_st_cl=334000&ns_st_pb=1&ns_st_mp=kalturav3&ns_st_mv=7.52&ns_st_pn=1&ns_st_tp=0&ns_st_ci=1_y3kljhtk&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=-10&ns_ts=1664898298353&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=595&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=477660&ns_st_rt=100&ns_st_ub=0&ns_st_vo=0&ns_st_ws=norm&ns_st_ki=1200000&ns_st_pl=Hoekstra%3A%20Colonial%20Pipeline%20Attack%20an%20%E2%80%98Act%20of%20War%E2%80%99&ns_st_pr=Hoekstra%3A%20Colonial%20Pipeline%20Attack%20an%20%E2%80%98Act%20of%20War%E2%80%99&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=Hoekstra%3A%20Colonial%20Pipeline%20Attack%20an%20%E2%80%98Act%20of%20War%E2%80%99&ns_st_ty=video&ns_st_ct=vc00&ns_st_cs=0x0&ns_st_st=*null&ns_st_pu=*null&ns_st_cu=https%3A%2F%2Fcdnapisec.kaltura.com%2Fp%2F2216081%2Fsp%2F221608100%2FplayManifest%2FentryId%2F1_y3kljhtk%2Fprotocol%2Fhttps%2Fformat%2Fapplehttp%2FflavorIds%2F1_hpb0jxct%2C1_xc9gqf41%2C1_uocsyx0p%2C1_03iwys50%2C1_139jf12x%2Fa.m3u8%3FuiConfId%3D46496733%26playSessionId%3Dbc72eab4-45c9-db43-839c-07c56952bace%3A1b95a569-934a-c2c8-a279-6b6fecc7d855%26referrer%3DaHR0cHM6Ly93d3cubmV3c21heC5jb20vbmV3c2Zyb250L2RlZmVuc2UtY29udHJhY3Rvci1yYW5zb213YXJlLzIwMjIvMDkvMjkvaWQvMTA4OTYwNi8%3D%26clientTag%3Dhtml5%3Av7.52&ns_st_tt=off&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&c8=US%20Defense%20Contractor%20Victimized%20by%20Ransomware%20Attack%20%7C%20Newsmax.com&c9=
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-58.fra53.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
content-length
43
x-amz-cf-id
pQPhIYXwI8XIZSdIau__ufWybxwnnkD-iwqBits4mAiG9OHTf33tQw==
x-cache
Miss from cloudfront
content-type
image/gif
index.php
analytics.kaltura.com/api_v3/
48 B
636 B
XHR
General
Full URL
https://analytics.kaltura.com/api_v3/index.php?service=analytics&action=trackEvent&apiVersion=3.3.0&format=1&bufferTime=0&bufferTimeSum=0&actualBitrate=466.46484375&joinTime=0.013&canPlay=0.888&networkConnectionType=4g&eventType=3&partnerId=2216081&entryId=1_y3kljhtk&sessionId=bc72eab4-45c9-db43-839c-07c56952bace%3A1b95a569-934a-c2c8-a279-6b6fecc7d855&eventIndex=4&referrer=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&deliveryType=hls&playbackType=vod&clientVer=7.52&clientTag=html5%3Av7.52&position=0.0101&playbackSpeed=1&caption=off&sessionStartTime=1664898297.598&ks=djJ8MjIxNjA4MXyQLJbLXvso_IWxZJuWGplIHXDT0BLyFl2sN3-as_HD_b-5yHXMPm6HheUB0xX53FEnU96xIddh4tbiEJkhm9Pl7RB3c3h9Q6JeyVfGSmIOKA%3D%3D&uiConfId=46496733
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.189.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-189-41.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8adf218d6254d16ee598d7f1074efe483cd2f5aebcbc251cdb85ef408ed60e64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:58 GMT
Server
nginx
X-Kava-Me
ip-172-30-36-72
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
https://www.newsmax.com
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin,Range,Accept-Encoding,Referer,Cache-Control,User-Agent,Content-Type
Expires
Tue, 04 Oct 2022 15:44:57 GMT
index.php
analytics.kaltura.com/api_v3/
48 B
637 B
XHR
General
Full URL
https://analytics.kaltura.com/api_v3/index.php?service=analytics&action=trackEvent&apiVersion=3.3.0&format=1&playTimeSum=0.0101&bufferTime=0&bufferTimeSum=0&actualBitrate=466.46484375&averageBitrate=0&audioLanguage=&soundMode=1&tabMode=2&viewabilityMode=2&screenMode=1&forwardBufferHealth=0.028&manifestDownloadTime=0.164&segmentDownloadTime=0.133&bandwidth=9973.895&droppedFramesRatio=0&targetBuffer=70&networkConnectionType=4g&eventType=99&partnerId=2216081&entryId=1_y3kljhtk&sessionId=bc72eab4-45c9-db43-839c-07c56952bace%3A1b95a569-934a-c2c8-a279-6b6fecc7d855&eventIndex=5&referrer=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&deliveryType=hls&playbackType=vod&clientVer=7.52&clientTag=html5%3Av7.52&position=0.0101&playbackSpeed=1&caption=off&sessionStartTime=1664898297.598&ks=djJ8MjIxNjA4MXyQLJbLXvso_IWxZJuWGplIHXDT0BLyFl2sN3-as_HD_b-5yHXMPm6HheUB0xX53FEnU96xIddh4tbiEJkhm9Pl7RB3c3h9Q6JeyVfGSmIOKA%3D%3D&uiConfId=46496733
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.189.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-189-41.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c3d3d1f3f3304f780848134c66091334896be5c094272435650398d2d46d3596

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:58 GMT
Server
nginx
X-Kava-Me
ip-172-30-37-146
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
https://www.newsmax.com
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin,Range,Accept-Encoding,Referer,Cache-Control,User-Agent,Content-Type
Expires
Tue, 04 Oct 2022 15:44:57 GMT
truncated
/
469 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e855336e500d734dfc8ac2732d3f8c6394459b556663b143f4335336d68fbdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
AGSKWxVdFeO1Y7icBSUUMt8GB4KwnXcyLRYeiB2vZ72DOSIfaqpVKwEeLL103BNCITH_iVzIboh5krPmPNFE21Zcry0L_a16TKQP7g6l4Y2k5lt3w-BjCg5ZUICu7CkFgRw3jRXcQkgbeQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVdFeO1Y7icBSUUMt8GB4KwnXcyLRYeiB2vZ72DOSIfaqpVKwEeLL103BNCITH_iVzIboh5krPmPNFE21Zcry0L_a16TKQP7g6l4Y2k5lt3w-BjCg5ZUICu7CkFgRw3jRXcQkgbeQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.NrqtIznzcIg.es5.O/d=1/rs=AJlcJMzfAKxadiXCq04YjmdNGbfdiHEGbg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-oVCQFcZQhAnCJS6BYVOQ1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-oVCQFcZQhAnCJS6BYVOQ1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.newsmax.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVdFeO1Y7icBSUUMt8GB4KwnXcyLRYeiB2vZ72DOSIfaqpVKwEeLL103BNCITH_iVzIboh5krPmPNFE21Zcry0L_a16TKQP7g6l4Y2k5lt3w-BjCg5ZUICu7CkFgRw3jRXcQkgbeQ==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVdFeO1Y7icBSUUMt8GB4KwnXcyLRYeiB2vZ72DOSIfaqpVKwEeLL103BNCITH_iVzIboh5krPmPNFE21Zcry0L_a16TKQP7g6l4Y2k5lt3w-BjCg5ZUICu7CkFgRw3jRXcQkgbeQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.NrqtIznzcIg.es5.O/d=1/rs=AJlcJMzfAKxadiXCq04YjmdNGbfdiHEGbg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2AZaaWd8c0qeeR3qzqCyAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2AZaaWd8c0qeeR3qzqCyAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.newsmax.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUN5FL03yZssjdFFeoaEdo7IDyZT4Ev3M2-kBIxJ9qjgL1YvOORQ7JuXeiIFMzc3N7EOfkJRkJAXBaE_7VDSoMni2zkj_IVU8UhV06pNMqlf3cg98ems6lby9C_XTjIpauYyOHgcQ==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUN5FL03yZssjdFFeoaEdo7IDyZT4Ev3M2-kBIxJ9qjgL1YvOORQ7JuXeiIFMzc3N7EOfkJRkJAXBaE_7VDSoMni2zkj_IVU8UhV06pNMqlf3cg98ems6lby9C_XTjIpauYyOHgcQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY0ODk4Mjk4LDM4NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm5ld3NtYXguY29tL25ld3Nmcm9udC9kZWZlbnNlLWNvbnRyYWN0b3ItcmFuc29td2FyZS8yMDIyLzA5LzI5L2lkLzEwODk2MDYvIixudWxsLFtbOCwiTnJxdEl6bnpjSWciXSxbOSwiZGUiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.NrqtIznzcIg.es5.O/d=1/rs=AJlcJMzfAKxadiXCq04YjmdNGbfdiHEGbg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0fe56f1b7cb3dd1af5bbd7dab3eff192b3197d1b6155711e313f993439180462
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HJaAWwMhUSSA0m8ai8Zplg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-HJaAWwMhUSSA0m8ai8Zplg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sdk-538a0c36.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc21/dist/module/ Frame A1CE
106 KB
40 KB
Script
General
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc21/dist/module/sdk-538a0c36.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425636092954fba0f2ed5218f41a96ce31447acf3a65baf02249adf4e0a23038
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc21/dist/module/index.js
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14075
x-jsd-version
0.0.6-rc21
via
1.1 vegur
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
content-length
40436
x-served-by
cache-fra19124-FRA, cache-mia11370-MIA
x-jsd-version-type
version
server
cloudflare
etag
W/"1a6dd-6aG9P7kFoarpFdeEDzp1GH70q10"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oNajbxmU46O2miVjHtUwWPaGEkLztrY5XLlisRzsuWsYHPmPys5faR022lnMIVQIfMAnqHaAH8fSm47rXRx45hopyJjBrDCV79%2BAu3GXRYPU5802u3nqkuv7DWIH3xMzAU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cf-ray
754f0abd2f205c1a-FRA
expires
Tue, 11 Oct 2022 15:44:58 GMT
api-errors
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Tue, 04 Oct 2022 15:44:58 GMT
x-envoy-upstream-service-time
1
Server
openresty
Connection
keep-alive
vary
Origin
/
trends.newsmaxwidget.com/api/delivery/
21 KB
9 KB
Fetch
General
Full URL
https://trends.newsmaxwidget.com/api/delivery/?is_blocked=undefined&w=167261&width=1600&rev_allow_cookies=undefined&site_url=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&icr_url=&va=0&time=1664898298422&up=pc&bn=chrome&bv=106&widget_width=300&style_id=0&idhub[pubcid]=eb3c68b9-8677-4494-bf39-e0c8f52e758e
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.231.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-231-255.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
2254f596e0699bc4044a9b4aeeb5397652c9953ded34862d7b93dddb4ab1869e
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:45:04 GMT
content-encoding
gzip
strict-transport-security
max-age=931536000; includeSubDomains
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
8775
index.m3u8
nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_uocsyx0p/name/a.mp4/
6 KB
1 KB
XHR
General
Full URL
https://nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_uocsyx0p/name/a.mp4/index.m3u8
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-210.deploy.static.akamaitechnologies.com
Software
Kaltura /
Resource Hash
41f7ea1d5f0b64cc5f2517b7d5398541d72e42751f056fc767e1280ff1709ca5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:58 GMT
Content-Encoding
gzip
X-Vod-Session
855734440
X-Amz-Cf-Pop
FRA2-C2
X-Proxy-Me
nvp1-vod-proxy-blue-84ccc4f466-qfpws
Connection
keep-alive
Akamai-Mon-Iucid-Del
555551
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
385
Pragma
no-cache
Last-Modified
Sun, 19 Nov 2000 08:52:00 GMT
Server
Kaltura
X-Proxy-Session
60cddfd1c6d558bafa81f171175cd816
ETag
W/"3a1794b0-179b"
Vary
Accept-Encoding
X-Vod-Me
nvp1-vod-packager-blue-78fcd744db-mm9qg
Content-Type
application/x-mpegURL
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
bkVvwqzHsIi4weyQ2j-z5_VX7pC4xfD7eVR5g8u2NIF9B2_ZKRtnUQ==
Expires
Tue, 04 Oct 2022 15:44:58 GMT
AGSKWxX_TgMYiTpLpgPuleYM5eaq6UnMS_0dsQCebwtXLRAv77jod_3QdSBLooQErqmz56pX76d6Y_6SKdw-tuOq54vpLxy5LCR7ZLXKZWuj6zinwKd801-hScADVBDsmZtT8inAVodpAA==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX_TgMYiTpLpgPuleYM5eaq6UnMS_0dsQCebwtXLRAv77jod_3QdSBLooQErqmz56pX76d6Y_6SKdw-tuOq54vpLxy5LCR7ZLXKZWuj6zinwKd801-hScADVBDsmZtT8inAVodpAA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.NrqtIznzcIg.es5.O/d=1/rs=AJlcJMzfAKxadiXCq04YjmdNGbfdiHEGbg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vgp1ZTxBd1BAxphB4seLog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-vgp1ZTxBd1BAxphB4seLog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.newsmax.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires
Mon, 01 Jan 1990 00:00:00 GMT
settings
audio.beyondwords.io/api/v1/ Frame A1CE
140 B
300 B
Fetch
General
Full URL
https://audio.beyondwords.io/api/v1/settings
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.19.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fed3488b948079beb8ee72478122cd2d04a753f443f89b6d871a0a746c933e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://audio.beyondwords.io/e/5249085
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 vegur
x-permitted-cross-domain-policies
none
age
275
content-encoding
gzip
x-xss-protection
1; mode=block
x-request-id
40653e51-3a09-4d02-a953-31aa76b2cb5a
x-runtime
0.005824
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"4fed3488b948079beb8ee72478122cd2"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
public, max-age=300
cf-ray
754f0abdb8759b9b-FRA
expires
Tue, 04 Oct 2022 15:49:58 GMT
api-errors
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.newsmax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Tue, 04 Oct 2022 15:44:58 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
1
hls-04b18d05.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc21/dist/module/ Frame A1CE
165 KB
51 KB
Script
General
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc21/dist/module/hls-04b18d05.js
Requested by
Host: proxy.beyondwords.io
URL: https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc21/dist/module/sdk-538a0c36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc478b74bc29247409a6e06eb57fad368837bbfec11b817488175a035ce1bc45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://audio.beyondwords.io/
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14074
x-jsd-version
0.0.6-rc21
via
1.1 vegur
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
content-length
51365
x-served-by
cache-fra19153-FRA, cache-mia11386-MIA
x-jsd-version-type
version
server
cloudflare
etag
W/"2943d-fM6SjoDZhb2pCoZuvc1BAPiB2ic"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iq3quV5UjEZwFYe1PT1bJ9eMA%2FFwZ%2Br%2Ba219otgjmT10WkNKN2bIJa0hVEshYRDt8s42djUfhBjSHZR70R64%2FFkJmrNjArwJJoajyutIG6qn5JoH9YySXd2eeC%2Bfg9%2FmSoU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cf-ray
754f0abe9a365c1a-FRA
expires
Tue, 11 Oct 2022 15:44:58 GMT
seg-2-v1-a1.ts
nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_uocsyx0p/name/a.mp4/
224 KB
225 KB
XHR
General
Full URL
https://nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_uocsyx0p/name/a.mp4/seg-2-v1-a1.ts
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-210.deploy.static.akamaitechnologies.com
Software
Kaltura /
Resource Hash
5da35554aa8b828c08b27110c68714f8957ebe2ae3ab92407ea2d8891a0b30ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:58 GMT
X-Vod-Session
1967967760
X-Amz-Cf-Pop
FRA2-C2
X-Proxy-Me
nvp1-vod-proxy-blue-84ccc4f466-6h8lw
Connection
keep-alive
Akamai-Mon-Iucid-Del
555551
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
228984
Last-Modified
Sun, 19 Nov 2000 08:52:00 GMT
Server
Kaltura
X-Proxy-Session
bccbfa73369726d5e036d18ea7f28b01
ETag
"3a1794b0-37e78"
Access-Control-Max-Age
86400
X-Vod-Me
nvp1-vod-packager-blue-78fcd744db-9m6mz
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=30981685
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
kIHas33umy6s9bxZYpBozRuSlsZkrs-KgtBx-ZgUfEdYArxRDkAaYQ==
Expires
Thu, 28 Sep 2023 05:46:23 GMT
_commonjsHelpers-7d47520a.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc21/dist/module/ Frame A1CE
499 B
673 B
Script
General
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc21/dist/module/_commonjsHelpers-7d47520a.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cd2c233f27a479e0b4edf3b28e6d92bacb174e2bc93adb6891848256df8502d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc21/dist/module/hls-04b18d05.js
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14073
x-jsd-version
0.0.6-rc21
via
1.1 vegur
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
content-length
299
x-served-by
cache-fra19171-FRA, cache-mia11358-MIA
x-jsd-version-type
version
server
cloudflare
etag
W/"1f3-QF1phVMtzcgh4phUi20rhLD6yHM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAoJJ%2BZ2RC2UwfvDogtIorx1mLYYdvKNpYD5qrNynsfpJKi3QQNL11yCEs8GC4OJLc13UPa7jM3rfhyKIyRgRgn6DuJ6nDUcmu4E7ULzFolcvrT7Rrnp8zwg8ZmsgapBQs4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cf-ray
754f0abf1b3e5c1a-FRA
expires
Tue, 11 Oct 2022 15:44:58 GMT
events
metrics.beyondwords.io/ Frame A1CE
0
59 B
Fetch
General
Full URL
https://metrics.beyondwords.io/events
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.19.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://audio.beyondwords.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Tue, 04 Oct 2022 15:44:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
754f0ac0ae445c1a-FRA
access-control-allow-headers
Content-Type,Access-Control-Allow-Headers,Authorization,X-Requested-With
content-length
0
app-ui-c6140f3f.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc21/dist/module/ Frame A1CE
6 KB
3 KB
Script
General
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc21/dist/module/app-ui-c6140f3f.js
Requested by
Host: proxy.beyondwords.io
URL: https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc21/dist/module/sdk-538a0c36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9689c35f2067fe07e20186af9f915c4f84311bcee9562e4640e530783887daf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://audio.beyondwords.io/
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14074
x-jsd-version
0.0.6-rc21
via
1.1 vegur
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
content-length
2836
x-served-by
cache-fra19128-FRA, cache-mia11357-MIA
x-jsd-version-type
version
server
cloudflare
etag
W/"1770-AgCeLAeVBRk5LA2yIsOWxTlMAQ0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IibtWGbf%2Fr%2BK4OFzrIcA%2BRuCymFSqtoDVeRYRIHmA0qKuP6aoJa7fVeKFCgAQZrXQZAwjuoC1V50xa9LDnydXrMoifXrre%2B9x0nWLMl0HfOz%2BSk5zpC6HMGnZ08B1n%2Fg3Lc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cf-ray
754f0abfac5f5c1a-FRA
expires
Tue, 11 Oct 2022 15:44:58 GMT
events
metrics.beyondwords.io/ Frame
0
0
Preflight
General
Full URL
https://metrics.beyondwords.io/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://audio.beyondwords.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Access-Control-Allow-Headers,Authorization,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
cf-cache-status
DYNAMIC
cf-ray
754f0abffcfb5c1a-FRA
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 04 Oct 2022 15:44:58 GMT
server
cloudflare
helpers-96091046.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc21/dist/module/ Frame A1CE
2 KB
2 KB
Script
General
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc21/dist/module/helpers-96091046.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6ad119feb2cfcad10dc183a8dea87744580ebf2400d8b5000999f28191e77e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc21/dist/module/app-ui-c6140f3f.js
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14074
x-jsd-version
0.0.6-rc21
via
1.1 vegur
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
content-length
1144
x-served-by
cache-fra19160-FRA, cache-mia11323-MIA
x-jsd-version-type
version
server
cloudflare
etag
W/"8df-E7vtplVzVOH8lJWczqoz4517oX0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeNRjOqgrcl%2FIES357r6EcVsOEd8SWv0kQzc5y1v1AGqIBltjbR1E7LIcYoQgXUU%2FapkKa14JdUEHgy9ei5lDhHSBJFHfkq5wlw6KYwBs9qjDgbDYoeIDMFoSXnUi%2BPbsFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cf-ray
754f0ac01d195c1a-FRA
expires
Tue, 11 Oct 2022 15:44:58 GMT
seg-3-v1-a1.ts
nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_139jf12x/name/a.mp4/
388 KB
389 KB
XHR
General
Full URL
https://nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_139jf12x/name/a.mp4/seg-3-v1-a1.ts
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-210.deploy.static.akamaitechnologies.com
Software
Kaltura /
Resource Hash
1d110d1384ac5c2ce38fd5bf7a52f8d2bdc2d9f8ac78f2922331ef3affdfe4d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:59 GMT
X-Vod-Session
1496781262
X-Amz-Cf-Pop
FRA2-C2
X-Proxy-Me
nvp1-vod-proxy-blue-84ccc4f466-qfpws
Connection
keep-alive
Akamai-Mon-Iucid-Del
555551
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
397432
Last-Modified
Sun, 19 Nov 2000 08:52:00 GMT
Server
Kaltura
X-Proxy-Session
186c0fbce6d4f22d8970695fff6cb742
ETag
"3a1794b0-61078"
Access-Control-Max-Age
86400
X-Vod-Me
nvp1-vod-packager-blue-78fcd744db-7rhsx
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31098720
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
A21LbbNERJUE8dUAv420MZTPNJ8B0ePM__fJkQKJ_g73WfpY3N3rew==
Expires
Fri, 29 Sep 2023 14:16:59 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.newsmax.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.newsmax.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 05 Oct 2022 15:44:59 GMT
ads
securepubads.g.doubleclick.net/gampad/
147 KB
33 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=462140893535273&correlator=159475449343857&eid=31068501%2C31069635%2C31070024%2C44775020%2C44772496&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fifs&iu_parts=6305169%2CNewsmax%2Cnewsfront&enc_prev_ius=%2F0%2F1%2F1%2F2%2C%2F0%2F1%2F1%2F2%2C%2F0%2F1%2F1%2F2%2C%2F0%2F1%2F1%2F2%2C%2F0%2F1%2F1%2F2%2C%2F0%2F1%2F1%2F2&prev_iu_szs=300x250%2C300x250%2C300x250%2C300x250%2C300x250%7C300x600%2C300x250&ifi=1&adks=1633344497%2C1887997753%2C2244511753%2C3586917250%2C1859581002%2C3634055288&sfv=1-0-38&fsapi=false&prev_scp=pos%3DInArticle%26page_type%3Darticle%26refresh%3D45%26res%3Dboth%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cpos%3DInArticleMiddle%26page_type%3Darticle%26refresh%3D45%26res%3Dboth%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cpos%3DTopRight%26page_type%3Darticle%26refresh%3D45%26res%3Ddesktop%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cpos%3DMiddleRight%26page_type%3Darticle%26refresh%3D45%26res%3Ddesktop%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cpos%3DTallMiddleRight%26page_type%3Darticle%26refresh%3D45%26res%3Ddesktop%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cpos%3DBottomRight%26page_type%3Darticle%26refresh%3D45%26res%3Ddesktop%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=promo_code%3D1034014qqur4%26nmid%3D1089606%26nmtags%3Ddefense%252Ccontractor%252Cransomware%26PubYear%3D2022%26PubMonth%3D09%26signedup%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1664898299171&lmt=1664898299&dlt=1664898294927&idt=1036&adxs=480%2C480%2C960%2C960%2C960%2C960&adys=1337%2C2637%2C280%2C486%2C2347%2C2367&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C0%7C0%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&frm=20&vis=1&psz=300x0%7C300x0%7C300x0%7C300x0%7C300x0%7C300x0&msz=300x0%7C300x0%7C300x0%7C300x0%7C300x0%7C300x0&fws=4%2C4%2C4%2C4%2C4%2C4&ohw=300%2C300%2C300%2C300%2C300%2C300&ga_vid=295364473.1664898296&ga_sid=1664898299&ga_hid=1382391859&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
233bf3c66ab5c554a53023e4f14c427a79d9f0358d5da395fd6d3eb6ccdaa537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34006
x-xss-protection
0
google-lineitem-id
-1,-1,-2,-2,5562622793,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-2,-2,138339039094,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.newsmax.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9f9f5662b2b94e850718fe9105522f7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FEFB
6 KB
4 KB
Document
General
Full URL
https://9f9f5662b2b94e850718fe9105522f7b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 15:44:59 GMT
expires
Wed, 04 Oct 2023 15:44:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
seg-4-v1-a1.ts
nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_139jf12x/name/a.mp4/
752 KB
753 KB
XHR
General
Full URL
https://nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_139jf12x/name/a.mp4/seg-4-v1-a1.ts
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-210.deploy.static.akamaitechnologies.com
Software
Kaltura /
Resource Hash
345e08f69c3d391772d93b6a52c9a82b502c881f9e64a686f05c108c9069e08a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:59 GMT
X-Vod-Session
713791529
X-Amz-Cf-Pop
FRA60-P2
X-Proxy-Me
nvp1-vod-proxy-blue-84ccc4f466-qfpws
Connection
keep-alive
Akamai-Mon-Iucid-Del
555551
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
770424
Last-Modified
Sun, 19 Nov 2000 08:52:00 GMT
Server
Kaltura
X-Proxy-Session
6c311239974286671ec4475fae53daa5
ETag
"3a1794b0-bc178"
Access-Control-Max-Age
86400
X-Vod-Me
nvp1-vod-packager-blue-78fcd744db-7rhsx
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31098684
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
lUBr2SbDstZ6CqZCT5eKfmd7C9OUmnQjxcy9KIAf6g48xqog_gwo7w==
Expires
Fri, 29 Sep 2023 14:16:23 GMT
publishertag.prebid.js
static.criteo.net/js/ld/
88 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:44:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 05 Oct 2022 15:44:59 GMT
seg-5-v1-a1.ts
nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_139jf12x/name/a.mp4/
2 MB
2 MB
XHR
General
Full URL
https://nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_139jf12x/name/a.mp4/seg-5-v1-a1.ts
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-210.deploy.static.akamaitechnologies.com
Software
Kaltura /
Resource Hash
ada9237f07f0460aecc6431717ec3359b2e91e2ae039cb34053fb8d0bbd76df7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:44:59 GMT
X-Vod-Session
1655766499
X-Amz-Cf-Pop
FRA6-C1
X-Proxy-Me
nvp1-vod-proxy-blue-84ccc4f466-t6s5w
Connection
keep-alive
Akamai-Mon-Iucid-Del
555551
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
2115000
Last-Modified
Sun, 19 Nov 2000 08:52:00 GMT
Server
Kaltura
X-Proxy-Session
03592dafdc998ff7fa7cd9629d6dee76
ETag
"3a1794b0-2045b8"
Access-Control-Max-Age
86400
X-Vod-Me
nvp1-vod-packager-blue-78fcd744db-7rhsx
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31098464
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
57DOmNT6_Y5aTtgEeGnSbBv02wuM7X9UQ8Pz6s1je-7S0UN5bdlBZw==
Expires
Fri, 29 Sep 2023 14:12:43 GMT
seg-6-v1-a1.ts
nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_139jf12x/name/a.mp4/
1 MB
1 MB
XHR
General
Full URL
https://nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_139jf12x/name/a.mp4/seg-6-v1-a1.ts
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-210.deploy.static.akamaitechnologies.com
Software
Kaltura /
Resource Hash
a9cb324f5fc1ab9a9f5b4ef516de96216086250f5d282b3f56b948fdb6dfe086

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:45:00 GMT
X-Vod-Session
305305539
X-Amz-Cf-Pop
FRA6-C1
X-Proxy-Me
nvp1-vod-proxy-blue-84ccc4f466-wwp7v
Connection
keep-alive
Akamai-Mon-Iucid-Del
555551
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1504376
Last-Modified
Sun, 19 Nov 2000 08:52:00 GMT
Server
Kaltura
X-Proxy-Session
d34631d6655d9e2cedbb10522e03e98a
ETag
"3a1794b0-16f478"
Access-Control-Max-Age
86400
X-Vod-Me
nvp1-vod-packager-blue-78fcd744db-mm9qg
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31402958
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
UsFW3y_w04H4cvY8io3ZNQwvRdRBze9_dpCzq7BA61iyJxCl4E-lpg==
Expires
Tue, 03 Oct 2023 02:47:38 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 05:47:41 GMT
content-encoding
gzip
age
1763839
x-guploader-uploadid
ADPycdvqYWr4XlcgogWQv1CUKqMPpl5vfnpXVcXgwGPC8Zdt9c3EaH1AN9TP9qap5Fs6TeD5UJ3zYNvH-rbYbZWiqGonRQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 14 Sep 2023 05:47:41 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012209142312000/ Frame 2784
220 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff325c328985ef8a083bc155e6fa6b5cf2182d7d3174d43c9e8e077f4a1576b9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Oct 2022 17:07:16 GMT
age
81464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61591
x-xss-protection
0
server
sffe
etag
"e54f9754f7fcb5b6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Oct 2023 17:07:16 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 2784
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ccca58c9fa219fa65853a7398d935b56ce1fcdaab4787294b3f444ddf7d1036
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 23:16:27 GMT
age
318513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5187
x-xss-protection
0
server
sffe
etag
"59737ceedde8bf1d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 23:16:27 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 2784
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddcba88db922f967fd78e15a055bfeb5088c7c58500ca2b7f08b74eb3736189b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 23:16:16 GMT
age
318524
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28888
x-xss-protection
0
server
sffe
etag
"e2dd099ef3a2ca02"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 23:16:16 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 2784
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5e6919b2460cd051d50b47942408d3b3dbf0470fdaec473a7ca6b928d7ae4e3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 04 Oct 2022 05:36:22 GMT
age
36518
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
etag
"01e154329648e832"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Oct 2023 05:36:22 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012209142312000/v0/ Frame 2784
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25ae07afb30f4156fa035a5ffc7f14945c8863ef79772f062d3d04fd97c25391
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Sep 2022 23:16:16 GMT
age
318524
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12955
x-xss-protection
0
server
sffe
etag
"45d7f146b93052d9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Sep 2023 23:16:16 GMT
truncated
/ Frame 2784
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23daa95b2a360920e62651466fbae0ff9b8c4d65281c11ba6f2936fb15644a48

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
4028014685417200625
tpc.googlesyndication.com/daca_images/simgad/ Frame 2784
36 KB
37 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/4028014685417200625
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9327a3890c1273a1416a33670139d776a3234a8019029fac4e625b55005417ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 22:03:41 GMT
x-content-type-options
nosniff
age
63679
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37052
x-xss-protection
0
last-modified
Tue, 31 May 2022 14:24:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 03 Oct 2023 22:03:41 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2784
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 07:47:42 GMT
x-content-type-options
nosniff
server
cafe
age
28638
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 05 Oct 2022 07:47:42 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2784
295 B
757 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 07:43:04 GMT
x-content-type-options
nosniff
server
cafe
age
28916
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 05 Oct 2022 07:43:04 GMT
l
www.google.com/ads/measurement/ Frame 2784
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSCxnI3aU4C7IBbr5RoTYj5QtniFD8OnkfZySJYRK1s9hfYZmDG0I6YDBYUTVafg-DXdP_S
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 2784
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cz6i5-1Q8Y4HuF4ivgQepzoLYDZ7-mdhr8PzFudYQneTav80BEAEgweXaIWCV0qyCtAegAZ26sqMDyAECqQKG44N3ChyzPuACAKgDAcgDCKoE3gJP0HpNX7dwITpEENMVKgJM7eJucu-r4MyTYnHyVyV9moQOFaRZjve6s6iOtawvWFud46Lj0VTjMF1jm1iMzTd6CoqdeAnUChf2zSUs0ORnfNbDHXyUyD1X5KZYe8c7Nurojx1kAs0IxSgkwwo9xaQc1br3rCeamwJ7vKsLyPbvRZIk9DNwGbiuz7dQ6izYiqGErtEyUcd3-WSm-ycjkWh3J73yZcbNcAj5lN7OSKYooMjvfTuk4KPxmfg8PNh5xtcM0BymWDC-IvrZ6psYU7Jga8x31uS-wTVLDCEjuJJmVhujyukbmOaM_uITAqPkkmSUiR-yPFWy4XbGk9nEf4MkjogBbJ_VSP7RPbNaEaSJ0T25bEvOOC0-citsGQSBTRKI7nOFUBBxMZftnzAzqgbI5HiUzYVLxNn1U-pQLM56Kjp9M9SWmQR0fHe5aZTvKSazmHNwKM4zUfLSW1e9NMAEj-GplsUD4AQBkgUECAQYAZIFBAgFGASgBgKAB8mW7IYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ2Msz0ggRCIDhgHAQARgdMgLrAjoCgECACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItNDg1MjM0ODgyMzczNTIxMhjR4hA&sigh=f1vrqaUeYAk&uach_m=[UACH]&cid=CAQSOwCsnQUxAkBHW9UlYkgoxdDhhIGWbV-D1PMv_1718j54EGw0Cdm9mZe1E7Nk2y2QqL4yVbDrNK7YnxNMGAEgDg
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

esp
oajs.openx.net/
85 B
324 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&rid=esp
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
dfe8a177bcf688e5d60645da7c078395ba551eb513942c305753a9d200a230eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:45:00 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-PNwy/nomVbe8C/uHMlxtEriaA4Q"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsmax.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
multitracking
ghb.adtelligent.com/adunit/
0
226 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x462471/hbw_master_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.newsmax.com
Date
Tue, 04 Oct 2022 15:44:59 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.newsmax.com%2F&domain=www.newsmax.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.newsmax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 04 Oct 2022 15:45:00 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
267661
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.newsmax.com%2F&domain=www.newsmax.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=VnGRgHw3TzVDckJwcmR4VnAvaURCZmh5QUVkVDJrRlJySXlIaHBqcUJ5YjFvS3BGUlRHZm9DLys5RjkvdWloS0l3MC91M3oyZkR3UVBIQThZcHBXb2NvMjBHanZpTzlaNmxFWUtGK3FoYW9BYVowT3g3ZFA3UHkyQU1LWn...
359 B
650 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=VnGRgHw3TzVDckJwcmR4VnAvaURCZmh5QUVkVDJrRlJySXlIaHBqcUJ5YjFvS3BGUlRHZm9DLys5RjkvdWloS0l3MC91M3oyZkR3UVBIQThZcHBXb2NvMjBHanZpTzlaNmxFWUtGK3FoYW9BYVowT3g3ZFA3UHkyQU1LWnY1aGk0dENYVnlUeDl1U3B3MTFtSURYOEplcVZjUlRDS2ZCYkQyWWQrc2tORzdzS2NHSWRwNGh5YzdKSEhMN1N3QlgzUkxBRTVLK1ZWRTI0UnBpNkdOaFNIdzRiQ045Rm02enZwY1NvN2RwcXhNOEpZaU8raWVPeUI3b005allXTENnbzlYYllqfA&cppv=2
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cbbfb0364857320ac752289682dddc51d9b32de07f0a7bdcdf5f8ea753c16349
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:00 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1438024
expires
0

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=VnGRgHw3TzVDckJwcmR4VnAvaURCZmh5QUVkVDJrRlJySXlIaHBqcUJ5YjFvS3BGUlRHZm9DLys5RjkvdWloS0l3MC91M3oyZkR3UVBIQThZcHBXb2NvMjBHanZpTzlaNmxFWUtGK3FoYW9BYVowT3g3ZFA3UHkyQU1LWnY1aGk0dENYVnlUeDl1U3B3MTFtSURYOEplcVZjUlRDS2ZCYkQyWWQrc2tORzdzS2NHSWRwNGh5YzdKSEhMN1N3QlgzUkxBRTVLK1ZWRTI0UnBpNkdOaFNIdzRiQ045Rm02enZwY1NvN2RwcXhNOEpZaU8raWVPeUI3b005allXTENnbzlYYllqfA&cppv=2
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
615792
content-length
0
expires
0
envelope
api.rlcdn.com/api/identity/
0
0

id
id.crwdcntrl.net/
63 B
336 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.161.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-161-218.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
6ae321c4efb8d84aec8368f30e0b6e47f0a56b56a3a3d722f5727af1d253758e

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:00 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache
x-server
10.45.22.4
access-control-allow-credentials
true
content-length
63
expires
0
rid
match.adsrvr.org/track/
63 B
389 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
751f36c69f7e0d77f6ecd4281e85e40bb98e7b58370e9a3f25e8f7270f994cd8

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 04 Oct 2022 15:45:00 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsmax.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 03 Nov 2022 15:45:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2784
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H3
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Redirect headers

date
Tue, 04 Oct 2022 15:45:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 62C8
0
91 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 04 Oct 2022 15:45:00 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
index.php
analytics.kaltura.com/api_v3/
48 B
637 B
XHR
General
Full URL
https://analytics.kaltura.com/api_v3/index.php?service=analytics&action=trackEvent&apiVersion=3.3.0&format=1&actualBitrate=755.6171875&eventType=43&partnerId=2216081&entryId=1_y3kljhtk&sessionId=bc72eab4-45c9-db43-839c-07c56952bace%3A1b95a569-934a-c2c8-a279-6b6fecc7d855&eventIndex=6&referrer=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&deliveryType=hls&playbackType=vod&clientVer=7.52&clientTag=html5%3Av7.52&position=2.087507&playbackSpeed=1&caption=off&sessionStartTime=1664898297.598&ks=djJ8MjIxNjA4MXyQLJbLXvso_IWxZJuWGplIHXDT0BLyFl2sN3-as_HD_b-5yHXMPm6HheUB0xX53FEnU96xIddh4tbiEJkhm9Pl7RB3c3h9Q6JeyVfGSmIOKA%3D%3D&uiConfId=46496733
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.189.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-189-41.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a50cb02bdda2f2ae842c05a47e4b549d99dc0f09cae516355512a32e494dda27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:45:00 GMT
Server
nginx
X-Kava-Me
ip-172-30-37-146
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
https://www.newsmax.com
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin,Range,Accept-Encoding,Referer,Cache-Control,User-Agent,Content-Type
Expires
Tue, 04 Oct 2022 15:44:59 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=VnGRgHw3TzVDckJwcmR4VnAvaURCZmh5QUVkVDJrRlJySXlIaHBqcUJ5YjFvS3BGUlRHZm9DLys5RjkvdWloS0l3MC91M3oyZkR3UVBIQThZcHBXb2NvMjBHanZpTzlaNmxFWUtGK3FoYW9BYVowT3g3ZFA3UHkyQU1LWnY1aGk0dENYVnlUeDl1U3B3MTFtSURYOEplcVZjUlRDS2ZCYkQyWWQrc2tORzdzS2NHSWRwNGh5YzdKSEhMN1N3QlgzUkxBRTVLK1ZWRTI0UnBpNkdOaFNIdzRiQ045Rm02enZwY1NvN2RwcXhNOEpZaU8raWVPeUI3b005allXTENnbzlYYllqfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 04 Oct 2022 15:45:00 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
330563
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
seg-7-v1-a1.ts
nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_139jf12x/name/a.mp4/
1 MB
1 MB
XHR
General
Full URL
https://nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_139jf12x/name/a.mp4/seg-7-v1-a1.ts
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-210.deploy.static.akamaitechnologies.com
Software
Kaltura /
Resource Hash
c6ce4a04be4375467147982cc928468f76ba54f703d0eea4a9f9c2834b0b0e5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:45:00 GMT
X-Vod-Session
261388840
X-Amz-Cf-Pop
FRA2-C2
X-Proxy-Me
nvp1-vod-proxy-blue-84ccc4f466-6h8lw
Connection
keep-alive
Akamai-Mon-Iucid-Del
555551
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1534456
Last-Modified
Sun, 19 Nov 2000 08:52:00 GMT
Server
Kaltura
X-Proxy-Session
012d3556c670cc596eda2cb5fc1f1995
ETag
"3a1794b0-1769f8"
Access-Control-Max-Age
86400
X-Vod-Me
nvp1-vod-packager-blue-78fcd744db-7rhsx
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31098739
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
2cizH2Z6WsXPzZKYqW8EKIGxc8bczp44YGJrVW6HylE8BdPvomYZOA==
Expires
Fri, 29 Sep 2023 14:17:19 GMT
seg-8-v1-a1.ts
nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_139jf12x/name/a.mp4/
1 MB
1 MB
XHR
General
Full URL
https://nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_139jf12x/name/a.mp4/seg-8-v1-a1.ts
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-210.deploy.static.akamaitechnologies.com
Software
Kaltura /
Resource Hash
515b99e2e16b77ae4173f5b815d14831d226d625b0fab86c5fa3e2a5333849ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:45:00 GMT
X-Vod-Session
1114945690
X-Amz-Cf-Pop
FRA6-C1
X-Proxy-Me
nvp1-vod-proxy-blue-84ccc4f466-6h8lw
Connection
keep-alive
Akamai-Mon-Iucid-Del
555551
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1504376
Last-Modified
Sun, 19 Nov 2000 08:52:00 GMT
Server
Kaltura
X-Proxy-Session
44b30446406857a58736f44f3734d04e
ETag
"3a1794b0-16f478"
Access-Control-Max-Age
86400
X-Vod-Me
nvp1-vod-packager-blue-78fcd744db-7rhsx
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31098760
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
HhODqCtutjsq1tGGKyZF9SvcwCdW5DA0ZHo3j8EnJYwjLEaHowIoPA==
Expires
Fri, 29 Sep 2023 14:17:40 GMT
seg-9-v1-a1.ts
nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_139jf12x/name/a.mp4/
1 MB
1 MB
XHR
General
Full URL
https://nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_139jf12x/name/a.mp4/seg-9-v1-a1.ts
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-210.deploy.static.akamaitechnologies.com
Software
Kaltura /
Resource Hash
5ded60272ed7f7d09ffd48a82baad37ac4ad42ee28e9398359d37c0c1d77e9a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:45:01 GMT
X-Vod-Session
1165308805
X-Amz-Cf-Pop
FRA6-C1
X-Proxy-Me
nvp1-vod-proxy-blue-84ccc4f466-9vnxm
Connection
keep-alive
Akamai-Mon-Iucid-Del
555551
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1471288
Last-Modified
Sun, 19 Nov 2000 08:52:00 GMT
Server
Kaltura
X-Proxy-Session
c552812300b1f00938d9ec2849f7162c
ETag
"3a1794b0-167338"
Access-Control-Max-Age
86400
X-Vod-Me
nvp1-vod-packager-blue-78fcd744db-mm9qg
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31402869
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
tiWl2x1jwaVWkdMjemg8oeRQMvqn_neadNZuwNtwv3EeRHW-gn0F2w==
Expires
Tue, 03 Oct 2023 02:46:10 GMT
seg-10-v1-a1.ts
nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_139jf12x/name/a.mp4/
2 MB
2 MB
XHR
General
Full URL
https://nmxvod.akamaized.net/fhls/p/2216081/sp/221608100/serveFlavor/entryId/1_y3kljhtk/v/1/ev/6/flavorId/1_139jf12x/name/a.mp4/seg-10-v1-a1.ts
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-210.deploy.static.akamaitechnologies.com
Software
Kaltura /
Resource Hash
5a3d5866167ee7537ae35c1ccdc62db67c126f51da032a975f60e7fe766af1fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:45:01 GMT
X-Vod-Session
1841301510
X-Amz-Cf-Pop
FRA60-P2
X-Proxy-Me
nvp1-vod-proxy-blue-84ccc4f466-wwp7v
Connection
keep-alive
Akamai-Mon-Iucid-Del
555551
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1961592
Last-Modified
Sun, 19 Nov 2000 08:52:00 GMT
Server
Kaltura
X-Proxy-Session
ed17a7fb7e4585cc2171f360233651de
ETag
"3a1794b0-1dee78"
Access-Control-Max-Age
86400
X-Vod-Me
nvp1-vod-packager-blue-78fcd744db-t87tk
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31424332
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
22CNASMpSuByTlNILUfTd-lgdfIhGfHEGDLMOj_5fH9zU2aKBrUUIQ==
Expires
Tue, 03 Oct 2023 08:43:53 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.newsmax.com%2F&domain=www.newsmax.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=cySoKnxFNmtZSlUxMXZLNDd2QVdIcnJ6TEFzYThUTkZLNVdzU1dEdWtoWWVaTUFWZjBidmFWTWJNeUlIY0pXZ3NMSmUyb1U0ZUhVNUxZbHBmMWgvQXNZTW55SStYQ2VKMll3UXBjUy9nVjdDWW5UZi9iWlNPVFpuZ1VFeX...
360 B
648 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=cySoKnxFNmtZSlUxMXZLNDd2QVdIcnJ6TEFzYThUTkZLNVdzU1dEdWtoWWVaTUFWZjBidmFWTWJNeUlIY0pXZ3NMSmUyb1U0ZUhVNUxZbHBmMWgvQXNZTW55SStYQ2VKMll3UXBjUy9nVjdDWW5UZi9iWlNPVFpuZ1VFeXErZHdBMmloN1VmVDRzeE53WmFUc2tEb2xHUENnRWx5YmpkWEVGejdEK0lwSHlvNm44WkFuSzVLNHFCMHFtdmxvWFh5WDN2VVE4ME9XTUlYcUpoL0lQc2dJMEVka0wzTHJZOHZpMVkwKzlRN3RnQW9mVG8wTnhGeUZPNC9BRVVrRnJoQWQxbjZifA&cppv=2
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08ecbe1e964191c0320cb69a3fd6849c2e686cc5ec8814be89da7a7664bd4c85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:02 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1395791
expires
0

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=cySoKnxFNmtZSlUxMXZLNDd2QVdIcnJ6TEFzYThUTkZLNVdzU1dEdWtoWWVaTUFWZjBidmFWTWJNeUlIY0pXZ3NMSmUyb1U0ZUhVNUxZbHBmMWgvQXNZTW55SStYQ2VKMll3UXBjUy9nVjdDWW5UZi9iWlNPVFpuZ1VFeXErZHdBMmloN1VmVDRzeE53WmFUc2tEb2xHUENnRWx5YmpkWEVGejdEK0lwSHlvNm44WkFuSzVLNHFCMHFtdmxvWFh5WDN2VVE4ME9XTUlYcUpoL0lQc2dJMEVka0wzTHJZOHZpMVkwKzlRN3RnQW9mVG8wTnhGeUZPNC9BRVVrRnJoQWQxbjZifA&cppv=2
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
337821
content-length
0
expires
0
692.json
id5-sync.com/g/v2/
216 B
625 B
XHR
General
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
4cd76c60e1ec74ca32eae9fd9f39376f5c025d167535e994eee296e4a8e3ea3d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Tue, 04 Oct 2022 15:45:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
ixmatch.html
js-sec.indexww.com/um/ Frame C9DF
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Tue, 04 Oct 2022 15:45:02 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 87CE
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=c-2cfImqCr7ikOaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined&gdpr=0
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 04 Oct 2022 15:45:03 GMT
server
33XP001
x-33x-status
2000208
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 776C
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898&gdpr=0&gdpr_consent=
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55637
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 04 Oct 2022 15:45:02 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 05 Oct 2022 07:12:19 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 6615
1006 B
855 B
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
eab9c15881943c75905dbde00e4909468dc9ace405037d06a6e6f8de965be350

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
545
content-type
text/html
date
Tue, 04 Oct 2022 15:45:02 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame 8345
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1664898297389&gdpr=0
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
visitormatch
bh.contextweb.com/ Frame 4757
Redirect Chain
  • https://bh.contextweb.com/visitormatch
  • https://bh.contextweb.com/visitormatch?reat=1
27 B
310 B
Document
General
Full URL
https://bh.contextweb.com/visitormatch?reat=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-5d5cf8576-6fkrv
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
cw-server
bh-deployment-5d5cf8576-jqjpc
expires
-1
location
/visitormatch?reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
usync.html
eus.rubiconproject.com/ Frame B6E1
281 B
573 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 04 Oct 2022 15:45:03 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame D65F
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462471/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
36031
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 04 Oct 2022 15:45:02 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 625498
X-Served-By
cache-lga21951-LGA, cache-hhn4061-HHN
X-Timer
S1664898302.474717,VS0,VE0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=85c593c9-995f-4c2c-8115-084123a5db38
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=85c593c9-995f-4c2c-8115-084123a5db38
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=e56cce14-5d30-46fb-9b86-eab3d073ef9d&ssp=sonobi&expires=30&user_group=5&bsw_param=85c593c9-995f-4c2c-8115-084123a5db38
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=85c593c9-995f-4c2c-8115-084123a5db38
49 B
533 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=85c593c9-995f-4c2c-8115-084123a5db38
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:45:02 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-64
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=85c593c9-995f-4c2c-8115-084123a5db38
Date
Tue, 04 Oct 2022 15:45:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5131077722748813356
49 B
533 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5131077722748813356
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:45:02 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-47
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5131077722748813356
Date
Tue, 04 Oct 2022 15:45:02 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
match.adsrvr.org/track/cmf/
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=bc2afab5f7&gdpr=0&gdpr_consent=
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 04 Oct 2022 15:45:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=YmRjYzFkZTQtZWY3Yi00NmRlLTk3NGUtMGU3NjQ2ZGFkODdj
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEJZilfM-J8pEs51SMkaXDUU&google_cver=1
49 B
535 B
Image
General
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEJZilfM-J8pEs51SMkaXDUU&google_cver=1
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:45:02 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-121
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEJZilfM-J8pEs51SMkaXDUU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=8765633c-54f9-4200-8159-6c977aa79157
49 B
535 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=8765633c-54f9-4200-8159-6c977aa79157
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:45:02 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-123
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 04 Oct 2022 15:45:02 GMT
Server
MT3 4525 e1952b7 master cdg-pixel-x34 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=8765633c-54f9-4200-8159-6c977aa79157
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 04 Oct 2022 15:45:01 GMT
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=bdcc1de4-ef7b-46de-974e-0e7646dad87c&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=NU5jRGw5R0pzbzdHV0ZhcThKdWNHdw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEGvXA2DOJh44Q_qetVlqUp0&google_cver=1
49 B
332 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEGvXA2DOJh44Q_qetVlqUp0&google_cver=1
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5d5cf8576-6fkrv
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEGvXA2DOJh44Q_qetVlqUp0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.newsmax.com%2F&domain=www.newsmax.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.newsmax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 04 Oct 2022 15:45:01 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
447112
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=cySoKnxFNmtZSlUxMXZLNDd2QVdIcnJ6TEFzYThUTkZLNVdzU1dEdWtoWWVaTUFWZjBidmFWTWJNeUlIY0pXZ3NMSmUyb1U0ZUhVNUxZbHBmMWgvQXNZTW55SStYQ2VKMll3UXBjUy9nVjdDWW5UZi9iWlNPVFpuZ1VFeXErZHdBMmloN1VmVDRzeE53WmFUc2tEb2xHUENnRWx5YmpkWEVGejdEK0lwSHlvNm44WkFuSzVLNHFCMHFtdmxvWFh5WDN2VVE4ME9XTUlYcUpoL0lQc2dJMEVka0wzTHJZOHZpMVkwKzlRN3RnQW9mVG8wTnhGeUZPNC9BRVVrRnJoQWQxbjZifA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 04 Oct 2022 15:45:01 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
546860
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 776C
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83621950&p=157898&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:45:02 GMT
content-length
0
sd
eu-u.openx.net/w/1.0/ Frame 6615
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=8hukU1S61OFK6q5
43 B
61 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=8hukU1S61OFK6q5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:45:02 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-013e0f4b92ef8966c@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=8hukU1S61OFK6q5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6615
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=o...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=85c593c9-995f-4c2c-8115-084123a5db38&gdpr=&gdpr_consent=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=85c593c9-995f-4c2c-8115-084123a5db38&gdpr=&gdpr_consent=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=85c593c9-995f-4c2c-8115-084123a5db38&gdpr=&gdpr_consent=
Date
Tue, 04 Oct 2022 15:45:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame 6615
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7625102834525118574
43 B
61 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7625102834525118574
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:45:02 GMT
AN-X-Request-Uuid
c57119cb-f71c-406d-8805-1ebe69c3a2d6
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7625102834525118574
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ox
match.prod.bidr.io/cookie-sync/ Frame 6615
43 B
433 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/ox
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.213.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-213-220.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 04 Oct 2022 15:45:02 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 6615
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8765633c-54f9-4200-8159-6c977aa79157
43 B
61 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8765633c-54f9-4200-8159-6c977aa79157
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 04 Oct 2022 15:45:02 GMT
Server
MT3 4525 e1952b7 master cdg-pixel-x27 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8765633c-54f9-4200-8159-6c977aa79157
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 04 Oct 2022 15:45:01 GMT
sd
us-u.openx.net/w/1.0/ Frame 6615
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=mGuVyptswJGDaZadn2CLnJdukJmDO5WemTo47E9z
43 B
122 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=mGuVyptswJGDaZadn2CLnJdukJmDO5WemTo47E9z
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=mGuVyptswJGDaZadn2CLnJdukJmDO5WemTo47E9z
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 6615
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6050012896084310550
43 B
61 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6050012896084310550
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6050012896084310550
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 6615
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=389057e0-2ff0-7b63-e5ef-282091094673&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 04 Oct 2022 15:45:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6615
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTRmZjg0MmEtZTY4Ny0yNWM3LWYwMGYtNzI5OTViZWI4ODEz
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6615
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBD2mwPW5uWHvr8zpU27650&google_cver=1
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBD2mwPW5uWHvr8zpU27650&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBD2mwPW5uWHvr8zpU27650&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.php
analytics.kaltura.com/api_v3/
48 B
637 B
XHR
General
Full URL
https://analytics.kaltura.com/api_v3/index.php?service=analytics&action=trackEvent&apiVersion=3.3.0&format=1&actualBitrate=1396.248046875&eventType=43&partnerId=2216081&entryId=1_y3kljhtk&sessionId=bc72eab4-45c9-db43-839c-07c56952bace%3A1b95a569-934a-c2c8-a279-6b6fecc7d855&eventIndex=7&referrer=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&deliveryType=hls&playbackType=vod&clientVer=7.52&clientTag=html5%3Av7.52&position=4.087543&playbackSpeed=1&caption=off&sessionStartTime=1664898297.598&ks=djJ8MjIxNjA4MXyQLJbLXvso_IWxZJuWGplIHXDT0BLyFl2sN3-as_HD_b-5yHXMPm6HheUB0xX53FEnU96xIddh4tbiEJkhm9Pl7RB3c3h9Q6JeyVfGSmIOKA%3D%3D&uiConfId=46496733
Requested by
Host: cdnapisec.kaltura.com
URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.189.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-189-41.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8f5ae75124ec980300a4e012d3c0b36f68c35da21eb56ab99dc9b7ef84f3f8df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:45:02 GMT
Server
nginx
X-Kava-Me
ip-172-30-37-146
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
https://www.newsmax.com
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin,Range,Accept-Encoding,Referer,Cache-Control,User-Agent,Content-Type
Expires
Tue, 04 Oct 2022 15:45:01 GMT
async_usersync
ib.adnxs.com/ Frame D65F
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:45:02 GMT
AN-X-Request-Uuid
096faceb-4d80-4460-ad91-0272eac03372
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A021
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98af9a0a0da00caacaffde392a514716bc31efa868582124e6b41496f2b3953a

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
754f0adaf9f390a0-FRA
content-encoding
br
content-type
text/html
date
Tue, 04 Oct 2022 15:45:03 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2sIAPIoKnRbCUvFvBHE5HD5c7TLYtONm2ld67ssZ%2FmgndYaS3Z42KcP3BOkLlllCy9CNMManjgm%2BDyMyxIiYc7rZwryy%2FI1Xni2oeWrTAknUmklT8b1e30xQ0HsntVDxddr7PcDUIrFNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
754f0ada49de9b95-FRA
content-length
0
date
Tue, 04 Oct 2022 15:45:03 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPEzkadH6ggEoD3wFYNqXUEdFK9QYzIDGjX5dbt8NK%2FA%2FzZd45baGNWjZntH6n5Cg74KZLgD%2BCOKns1sRZ239CCkDnILTm2N%2Bi%2FxXJ%2FReTEG5bwqztF0VR9kkQS1C3Ekxn%2FO7ghop04q%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame B6E1
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:45:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=30118
Connection
keep-alive
Content-Length
9421
Expires
Wed, 05 Oct 2022 00:07:01 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame B6E1
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 04 Oct 2022 15:45:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B6E1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhVREdLMFQtNi1HN1RG&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhVREdLMFQtNi1HN1RG&gdpr=0
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name              Value
X-Xss-Protection  0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhVREdLMFQtNi1HN1RG&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame B6E1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTQ5ZmQyMjc2YzU1NWEwYmYyM2UxODYxYzY0NGFmNGVmZGViZTZiZg&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTQ5ZmQyMjc2YzU1NWEwYmYyM2UxODYxYzY0NGFmNGVmZGViZTZiZg&gdpr=0
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name              Value
X-Xss-Protection  0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTQ5ZmQyMjc2YzU1NWEwYmYyM2UxODYxYzY0NGFmNGVmZGViZTZiZg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame B6E1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VdCLdmtoSqa4b78JzajL5Q&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VdCLdmtoSqa4b78JzajL5Q&gdpr=0
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VdCLdmtoSqa4b78JzajL5Q&gdpr=0
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name                       Value
Strict-Transport-Security  max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:45:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SC79E711QTQN41VY45F8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VdCLdmtoSqa4b78JzajL5Q&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B6E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOzrKpYz4D69G9gi9pjCb1Y&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOzrKpYz4D69G9gi9pjCb1Y&google_cver=1
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOzrKpYz4D69G9gi9pjCb1Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B6E1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/VmlxOSUD3Am7y6Z80b4o2A?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4650119976996290186
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4650119976996290186
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 04 Oct 2022 15:45:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4650119976996290186
content-length
0
setuid
px.ads.linkedin.com/ Frame B6E1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8UDGK0T-6-G7TF&gdpr=0
0
706 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8UDGK0T-6-G7TF&gdpr=0
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:45:03 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2892E92A4B224A2288C6D16EA9AD449D Ref B: FRAEDGE1306 Ref C: 2022-10-04T15:45:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXqN1f9pdE/T7Of12BV5Q==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8UDGK0T-6-G7TF&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame B6E1
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=PiC2Y13gTm-KIb7w3PHcMA&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=PiC2Y13gTm-KIb7w3PHcMA&gdpr=0
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=PiC2Y13gTm-KIb7w3PHcMA&gdpr=0
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name                       Value
Strict-Transport-Security  max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:45:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5AQPF767MQMT3RW0DRPW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=PiC2Y13gTm-KIb7w3PHcMA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame D65F
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name              Value
X-Xss-Protection  0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:45:03 GMT
AN-X-Request-Uuid
eb0278f9-b911-4347-93dd-39625b1b9088
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A021
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 04 Oct 2022 15:45:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame A021
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzxU_1Hzo3HI_aHYprnZPgAABKoAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMZ9xvtrqQcOX2ipkukGus8&google_cver=1
43 B
844 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMZ9xvtrqQcOX2ipkukGus8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fj%2BRHVdFMdkApnt2v8n4pSCFYYe0r5Q2rshEx%2FK86T2rFgY7v8Xv07wEX3Un%2FSOSAg4v2Qtou6YRaP01jRPvBqpERtpHgQ03zFmqvWQRuh0dO7Vk6%2BtomhJavS2zJ%2BSSXBYcpTfwCPlZ6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
754f0add8e4b90a0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMZ9xvtrqQcOX2ipkukGus8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A021
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzxU_1Hzo3HI_aHYprnZPgAABKoAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzxU_1Hzo3HI_aHYprnZPgAABKoAAAAB&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzxU_1Hzo3HI_aHYprnZPgAABKoAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name                       Value
Strict-Transport-Security  max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:45:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TTDR7T50MTJR13C9TZVE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:45:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C9JWAXB8RH4J9SDZ09PK
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzxU_1Hzo3HI_aHYprnZPgAABKoAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A021
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YzxU-1Hzo3HI-aHYprnZPgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHI-f9wLpn8zn0Lrn3K0DEk&google_cver=1
43 B
874 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHI-f9wLpn8zn0Lrn3K0DEk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rKXpSfg2AJA54IRVYrIyT8pn3pmw3oShb7x3O9VARCiwM99gB8eQoPOI5iR0yw2IXXeQf7GwfklX%2BBzV0SqFnhiXgmDi9x5cyFFk9iYePMBOi8b890blkdGXA9uidWF81ETiVM34ZnZTA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
754f0ae11e60bb77-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHI-f9wLpn8zn0Lrn3K0DEk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YzxU_1Hzo3HI_aHYprnZPgAABKoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A021
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzxU_1Hzo3HI_aHYprnZPgAABKoAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:81f0:8432:14d1:181d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name                       Value
Content-Security-Policy    sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security  max-age=31536000
X-Content-Type-Options     nosniff
X-Frame-Options            DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:45:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum.casalemedia.com/ Frame A021
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1664984703
43 B
766 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1664984703
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:45:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1664984703
pragma
no-cache
date
Tue, 04 Oct 2022 15:45:03 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame A021
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
879 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5D6Mr6lPJXkZA%2FxaY1cRkazimULnwgBj4CATjij6ddiVwgZ19SAyx4jaQFEubQcNUEyZ0iAhUoWr%2BV486D9HY3MZO7Diku2Rhe%2Fh5vMGTrh2eJW1LDRwhlpdgC51euS9QCohsbBYCKoGoA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
754f0adedd769a0f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Tue, 04 Oct 2022 15:45:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
crum
dsum.casalemedia.com/ Frame A021
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7625102834525118574
43 B
766 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7625102834525118574
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:45:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:45:03 GMT
AN-X-Request-Uuid
38d03d49-c89b-4e16-950e-36ef290c46e7
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7625102834525118574
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame A021
43 B
351 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YzxU-1Hzo3HI-aHYprnZPgAA%261194
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:45:03 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
84
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
754f0adedf7a5c4a-FRA
content-length
43
expires
Tue, 04 Oct 2022 19:45:03 GMT
impression
trends.newsmaxwidget.com/event/
0
0

defaultWidget~feedWidget.delivery.js
assets.revcontent.com/master/
23 KB
7 KB
Script
General
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19bc9356fee44c5b15d7a7b6eab8ef86eece12f6b616c84567b5217de12fe7df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:45:04 GMT
content-encoding
gzip
last-modified
Tue, 04 Oct 2022 15:06:59 GMT
server
AmazonS3
x-amz-request-id
JDQT5XHE0678ZKKB
etag
"d26a20b846c0ce340be5f46497213964"
x-hw
1664898304.cds130.fr8.hn,1664898304.cds154.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
7034
x-amz-id-2
4Db09aCqd0/6/HzEw1CG/SH9psOJaortj4HoCRZkFUTVuHe1aB9y7au/mK77H1DiDgxZ18ZYxqU=
defaultWidget.delivery.js
assets.revcontent.com/master/
17 KB
6 KB
Script
General
Full URL
https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
942c34d2e0b125fb325ce4f0992f8f2f64d07de8237386ebf633168abadcd392

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:45:04 GMT
content-encoding
gzip
last-modified
Tue, 04 Oct 2022 15:06:57 GMT
server
AmazonS3
x-amz-request-id
HN67Q0Z5A5ERSPS7
etag
"d718106712bc7cfdf28846ac5db228d5"
x-hw
1664898304.cds130.fr8.hn,1664898304.cds280.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
6207
x-amz-id-2
7Jl2vn1NAZrZS3jF6+U6pmhWtF0yARGq2LSUS0wmnx4OpyfQ4q7o5kD9SLwYfOJBcxGSzrdWKpI=
moatad.js
z.moatads.com/revcontentdisplay556968265165/
304 KB
104 KB
Script
General
Full URL
https://z.moatads.com/revcontentdisplay556968265165/moatad.js
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2b204664bc5bca04f6e236ba9d3437286a632064409c8dbf9b7596c5e3993f71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:45:04 GMT
content-encoding
gzip
last-modified
Wed, 21 Sep 2022 18:29:47 GMT
server
AmazonS3
x-amz-request-id
1MHY2K8H1JHHT9ZB
etag
"c888cfaefa93a528628f7a02cafb75b3"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=17840
accept-ranges
bytes
content-length
106264
x-amz-id-2
IWu1WnSgvoJ6QlHH4nYIFGr4YCOmMipQLG3Mug7DgMdBPv+Zza8R/pFBL7HhshjPlUOaJySYsBY=
60e7529b7fd7b9-20759932.jpg
images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/
5 KB
5 KB
Image
General
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/60e7529b7fd7b9-20759932.jpg
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
f0d4006b136060b288c53cda749f12f4ab0bc47ab9e4661ee5bc66bc7e08810f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:45:04 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Dec 2021 21:55:31 GMT
server
Cloudinary
etag
"81c811efba0e4365005e7e5c550711b7"
x-hw
1664898304.cds125.fr8.hn,1664898304.cds106.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=2;cpu=1;start=2022-09-29T10:06:22.128Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
5193
6265332a3e07c5-36054590.png
images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/
7 KB
7 KB
Image
General
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/6265332a3e07c5-36054590.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
06e5756210f6af7871df329f8464c1c3ec4455c6e71b42a61c9c1bdf9f9f8357
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:45:04 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Thu, 28 Apr 2022 20:20:30 GMT
server
Cloudinary
etag
"91e1eb2e3d9729320f0015c573f6144f"
x-hw
1664898304.cds125.fr8.hn,1664898304.cds240.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=159;cpu=0;start=2022-10-04T13:39:08.237Z;desc=miss,rtt;dur=0,cloudinary;dur=65;start=2022-10-04T13:39:08.284Z
accept-ranges
bytes
timing-allow-origin
*
content-length
7451
633a7fc45cbfb8-82363386.jpg
images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/
9 KB
9 KB
Image
General
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/633a7fc45cbfb8-82363386.jpg
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
3eb9a491f894c7765183b0c0de8023ac606a780cc5af62bd1b9b5c6202e50c19
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:45:04 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=426;cpu=0;start=2022-10-04T08:15:28.017Z;desc=miss,rtt;dur=0,cloudinary;dur=311;start=2022-10-04T08:15:28.066Z,cld-id;desc=e2c1e071ff8926baee06af7e12334b3c
content-length
8909
x-request-id
e2c1e071ff8926baee06af7e12334b3c
last-modified
Tue, 04 Oct 2022 06:36:26 GMT
server
Cloudinary
etag
"90f7f25dbf9ea30342a468f1076bb8d3"
x-hw
1664898304.cds125.fr8.hn,1664898304.cds245.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
616d600e8c4729-97307270.jpg
images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/
8 KB
8 KB
Image
General
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/616d600e8c4729-97307270.jpg
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
c5036965c2491cbffd3a6b75340dc9938c7c53c8503d00d46381c5faf05283a9
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:45:04 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Wed, 01 Dec 2021 14:25:53 GMT
server
Cloudinary
etag
"a28d969d101bf2c66475e1e5a838a1cb"
x-hw
1664898304.cds125.fr8.hn,1664898304.cds213.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=1;cpu=0;start=2021-12-17T00:06:18.983Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
8251
pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=REVCONTENT_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1664898304685&de=44466609039&m=0&ar=220b545db30-clean&iw=33baaee&q=2&cb=0&ym=0&cu=1664898304685&ll=2&lm=0&ln=0&em=0&en=0&d=144903%3A167261%3A5856621%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=revcontentdisplay556968265165&fd=1&it=500&ti=0&ih=2&pe=1%3A2848%3A2848%3A0%3A4549&fs=200409&na=2144818175&cs=0
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 04 Oct 2022 15:45:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 04 Oct 2022 15:45:04 GMT
page-view
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.newsmax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Tue, 04 Oct 2022 15:45:04 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
1
widget-loaded
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.newsmax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Tue, 04 Oct 2022 15:45:04 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
0
page-view
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Tue, 04 Oct 2022 15:45:05 GMT
x-envoy-upstream-service-time
0
Server
openresty
Connection
keep-alive
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Tue, 04 Oct 2022 15:45:05 GMT
x-envoy-upstream-service-time
1
Server
openresty
Connection
keep-alive
vary
Origin
pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=REVCONTENT_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1664898304781&de=945198590161&m=0&ar=220b545db30-clean&iw=33baaee&q=5&cb=0&ym=0&cu=1664898304781&ll=2&lm=0&ln=0&em=0&en=0&d=144903%3A167261%3A8925122%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=revcontentdisplay556968265165&fd=1&it=500&ti=0&ih=2&pe=1%3A2848%3A2848%3A0%3A4549&fs=200409&na=1476077551&cs=0
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 04 Oct 2022 15:45:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 04 Oct 2022 15:45:04 GMT
pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=REVCONTENT_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1664898304793&de=46066062476&m=0&ar=220b545db30-clean&iw=33baaee&q=8&cb=0&ym=0&cu=1664898304793&ll=2&lm=0&ln=0&em=0&en=0&d=144903%3A167261%3A5338952%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=revcontentdisplay556968265165&fd=1&it=500&ti=0&ih=2&pe=1%3A2848%3A2848%3A0%3A4549&fs=200409&na=1303361077&cs=0
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 04 Oct 2022 15:45:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 04 Oct 2022 15:45:04 GMT
pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=REVCONTENT_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1664898304800&de=814783986352&m=0&ar=220b545db30-clean&iw=33baaee&q=11&cb=0&ym=0&cu=1664898304800&ll=2&lm=0&ln=0&em=0&en=0&d=144903%3A167261%3A7446333%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=revcontentdisplay556968265165&fd=1&it=500&ti=0&ih=2&pe=1%3A2848%3A2848%3A0%3A4549&fs=200409&na=231490323&cs=0
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 04 Oct 2022 15:45:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 04 Oct 2022 15:45:04 GMT
pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 04 Oct 2022 15:45:05 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 04 Oct 2022 15:45:05 GMT
pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 04 Oct 2022 15:45:05 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 04 Oct 2022 15:45:05 GMT
pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 04 Oct 2022 15:45:05 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 04 Oct 2022 15:45:05 GMT
pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 04 Oct 2022 15:45:05 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 04 Oct 2022 15:45:05 GMT
nr-1216.min.js
js-agent.newrelic.com/
38 KB
14 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
via
1.1 varnish
date
Tue, 04 Oct 2022 15:45:06 GMT
x-amz-request-id
PT1X3XEF2KF64GRE
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
rWr2JWGo0/hJJpCkOl46Jludz4/khIecVhbiRQQ0qpVwJVN5XkS3fA4iIlbnsr7DzvXsY648nRw=
x-served-by
cache-hhn4051-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1664898306.013423,VS0,VE0
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1313
SMS.png
www.newsmax.com/App_Themes/Newsmax/images/articlePage/
485 B
756 B
Image
General
Full URL
https://www.newsmax.com/App_Themes/Newsmax/images/articlePage/SMS.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
2a9f2b577571b539600643e3cd96e058e33aa48a47ed4afb6ae4f6989eb8c17a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:45:05 GMT
last-modified
Mon, 22 Aug 2022 14:56:31 GMT
server
Akamai Image Manager
x-serial
405
x-check-cacheable
YES
etag
"fae4141165a0d81:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=155001
server-timing
cdn-cache; desc=HIT, edge; dur=13
content-length
485
expires
Thu, 06 Oct 2022 10:48:26 GMT
Email.png
www.newsmax.com/App_Themes/Newsmax/images/articlePage/
259 B
499 B
Image
General
Full URL
https://www.newsmax.com/App_Themes/Newsmax/images/articlePage/Email.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7aaec8aac258488f936c7593200c31a39da99c6a77e0e2bce90d12941a35813f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:45:05 GMT
last-modified
Thu, 20 Jan 2022 15:39:32 GMT
server
Akamai Image Manager
etag
"011fc22537dd51:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=245479
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
259
expires
Fri, 07 Oct 2022 11:56:24 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c42fb717566252f5f2c215fd521009a13e04e8ed6e5394a0b23cc9a390b396d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11259
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 2F51
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.newsmax.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 15:45:05 GMT
server
Kestrel
server-processing-duration-in-ticks
804637
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
IP
ipapi.optiryte.com/api/
2 B
563 B
XHR
General
Full URL
https://ipapi.optiryte.com/api/IP?Token=IPKXYRTFKT
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
216.238.156.11 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 15:45:04 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Headers
Content-Type
Content-Length
122
Expires
-1
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1382391859&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.newsmax.com%2Fnewsfront%2Fdefense-contractor-ransomware%2F2022%2F09%2F29%2Fid%2F1089606%2F&ul=en-us&de=UTF-8&dt=US%20Defense%20Contractor%20Victimized%20by%20Ransomware%20Attack%20%7C%20Newsmax.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20article%20milestone&ea=undefined&_u=aGDAAUABAAAAAGAAI~&jid=853218554&gjid=452975559&cid=295364473.1664898296&tid=UA-31221-1&_gid=1513219398.1664898296&_r=1&gtm=2wg9s0WL644C&z=1479223286
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 2F51
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=newsmax.com&sn=ChromeSyncframe&so=3&topUrl=www.newsmax.com&bundle=jM9SOF82TEk4T2dKaUJsRVl3SEg3dTl5T1FRNEtkWHU1U3dWRk4yMEpqVkUlMkJNQXJyTiUy...
  • https://mug.criteo.com/sid?cpp=jIakrXxKemJNMHZ6YkNjOUNweitNRDVwdWZ2RDN2Vjl6N0RRb1ZnMGRmVnMzN0tleCtCcTlMVU0zNlVLNSt1K1dZRkk2MWxpR2RYKytMS1dUeVY2M25jRk95TXUxNmowZE5Cdk9HUHV2V1o0Y2Fad3NvOHJadDZqZnVGck...
428 B
653 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=jIakrXxKemJNMHZ6YkNjOUNweitNRDVwdWZ2RDN2Vjl6N0RRb1ZnMGRmVnMzN0tleCtCcTlMVU0zNlVLNSt1K1dZRkk2MWxpR2RYKytMS1dUeVY2M25jRk95TXUxNmowZE5Cdk9HUHV2V1o0Y2Fad3NvOHJadDZqZnVGck93QkZRcGNVM2tsREdkTG1CUmZpRE9yM0NhYnAxNDNFQktRV2VPcWRqZUExTU1LSnpvM05nM2cvZStQb1RsWU1RcXFQTURHQ2pEdnFoaCtLcDBSTGhkRVNZUU1vT3B6bmRtRktIZitNWSs0QW1kQWhlTjNNZHBTZzNFaHNma3ZzS2t3UEI0eXZWY3pBdithM3FCWjF5Zm9pK3RHOFV2Q3FLRHg2Zmd2UXVhVzc3Nmg2aW4rcz18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6d13e149a97a6ea070ef320257475b0ebcb460ebf346300bced41454c3b518af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3114588
expires
0

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=jIakrXxKemJNMHZ6YkNjOUNweitNRDVwdWZ2RDN2Vjl6N0RRb1ZnMGRmVnMzN0tleCtCcTlMVU0zNlVLNSt1K1dZRkk2MWxpR2RYKytMS1dUeVY2M25jRk95TXUxNmowZE5Cdk9HUHV2V1o0Y2Fad3NvOHJadDZqZnVGck93QkZRcGNVM2tsREdkTG1CUmZpRE9yM0NhYnAxNDNFQktRV2VPcWRqZUExTU1LSnpvM05nM2cvZStQb1RsWU1RcXFQTURHQ2pEdnFoaCtLcDBSTGhkRVNZUU1vT3B6bmRtRktIZitNWSs0QW1kQWhlTjNNZHBTZzNFaHNma3ZzS2t3UEI0eXZWY3pBdithM3FCWjF5Zm9pK3RHOFV2Q3FLRHg2Zmd2UXVhVzc3Nmg2aW4rcz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
727916
content-length
0
expires
0
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-31221-1&cid=295364473.1664898296&jid=853218554&gjid=452975559&_gid=1513219398.1664898296&_u=aGDAAUABAAAAAGAAI~&z=866497079
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 04 Oct 2022 15:45:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
aee2091659
bam.nr-data.net/1/
49 B
616 B
Script
General
Full URL
https://bam.nr-data.net/1/aee2091659?a=607472037&v=1216.487a282&to=NgRSYxQAVxECUExZXA9OcWQ2TloPEENZV1YSTkBYFBVYDhdWVUBfABVVGQcSSRo%3D&rst=13684&ck=1&ref=https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/&ap=1416&be=2747&fe=13529&dc=4615&perf=%7B%22timing%22:%7B%22of%22:1664898292360,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:91,%22c%22:91,%22s%22:127,%22ce%22:202,%22rq%22:202,%22rp%22:2564,%22rpe%22:2645,%22dl%22:2567,%22di%22:4548,%22ds%22:4615,%22de%22:4657,%22dc%22:13528,%22l%22:13528,%22le%22:13542%7D,%22navigation%22:%7B%7D%7D&fp=2847&fcp=2847&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:45:06 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
754f0aed7d9d9211-FRA
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 04 Oct 2022 15:45:06 GMT
results.txt
kd7qo3accjhy2yz4kuba-pksvht-85d194614-clientnsv4-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pksvhtta2
  • https://kd7qo3accjhy2yz4kuba-pksvht-85d194614-clientnsv4-s.akamaihd.net/eum/results.txt
8 B
312 B
XHR
General
Full URL
https://kd7qo3accjhy2yz4kuba-pksvht-85d194614-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
2.18.79.141 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:45:06 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://kd7qo3accjhy2yz4kuba-pksvht-85d194614-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin
*
Date
Tue, 04 Oct 2022 15:45:06 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
results.txt
fiaqjiathaajekqce3ydkaaaczrtyvic-pksvht-5c5c39505-clienttons-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pksvhtta2
  • https://fiaqjiathaajekqce3ydkaaaczrtyvic-pksvht-5c5c39505-clienttons-s.akamaihd.net/eum/results.txt
8 B
312 B
XHR
General
Full URL
https://fiaqjiathaajekqce3ydkaaaczrtyvic-pksvht-5c5c39505-clienttons-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 15:45:06 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://fiaqjiathaajekqce3ydkaaaczrtyvic-pksvht-5c5c39505-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin
*
Date
Tue, 04 Oct 2022 15:45:06 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-31221-1&cid=295364473.1664898296&jid=853218554&_u=aGDAAUABAAAAAGAAI~&z=1433637880
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-31221-1&cid=295364473.1664898296&jid=853218554&_u=aGDAAUABAAAAAGAAI~&z=1433637880
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 308A
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9352
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 13:09:14 GMT
expires
Wed, 04 Oct 2023 13:09:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A146
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
584ae3ba205fd194ec232ad7d337f6baef42ad2e4dd2172c6745ead8e1a11ec5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eJ8z0i1XgopTqm0F9tcPew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-eJ8z0i1XgopTqm0F9tcPew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 15:45:06 GMT
expires
Tue, 04 Oct 2022 15:45:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
pagead2.googlesyndication.com/bg/ Frame 308A
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15966
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 18:32:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A146
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092801&jk=462140893535273&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

/
02179912.akstat.io/
0
202 B
Ping
General
Full URL
https://02179912.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/RRNR9-85ANW-4QF6A-ZJTU2-LGRHY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 15:45:06 GMT
content-type
image/gif
access-control-allow-origin
https://www.newsmax.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Tue, 04 Oct 2022 15:45:06 GMT
generate_204
tpc.googlesyndication.com/ Frame 308A
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?ZCW0JQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 15:45:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092801&jk=462140893535273&bg=!yMuly4_NAAYQgTJdMIE7ACkAdvg8WuPoOKb0BqQJrgGimfPsvQ-xOv5frYDO90CUEyFywGB4wXTtQAIAAACGUgAAAANoAQcKAMXoum5ggajZxTDTqkuyRxRqj147in_OBIK5tlEmSLzF3ex-MMisoFYJaSELdWA6CwxWGJNWeNyN1vd8y2aETgUEZD3Zgny42tVObCFfAT1D9Y7IO25xYhXS0UvYtACGWSKPHe1Uq2yl5B9LeKJ-_YB3dK3TybKjjfXXNkNM39PxybhLbdYVF3EBC9k0FlZ5b3qo8qLfgoGij0IvSuVMuzOLr9yFBvMmF4FtyJDabs8_0p3A8C5ml3k-XiXFxIKOojZRYMtFbZkCnHXMM120f6kuVwflLZKqY-7SdjD9T1rfdWHIHYzZWSZmq54PE4JuCpAtHZnJCML5wNMGUCAjbkudi-TLDnx0Bzd7cvH3O9ZP1_OoU9fwEnqhSl71rf5RZu-dIOXf_DIEBGV21iMsrmQPHYa_i4x5xROO9K2hJfa-hY8O8EOr3xkSfMVdYUUAYhdGRJ49C_8gb_5F4DtXhx3Cld7MrN6gBK__G5kATCaK78qej_rIccVbk9pPeNATmld2nTyFts63jkWWwhFenRXPUjBLLuAaU6PCQbgeNi0ZpLaOpkOmvOqz_Gh4_fZX79xCNw5A-U1iHMZTkd1vCVWNOhO3uml-kMumzNu5ZHD0QclVjSbdaBJWgjn3KIPnNyHrDWzyQNZ_ahCoucfeNDPGzi1ppgjPF6hLYINHn4duLRd6AI0roGakGQytlKLNuR9SCBA8nWihgrTQdjXfXvi67e5BajaTWznONmHME_w7tjZm0-FPdzAUS-XjuClK6X1tA_90B1FF2YTPQxLaqzhObgMbEPn2GRnkxJbyL8bV-6-O85E6SjdSR92mkU7n2VMOvNbEkBdZry1wL2r-YNup7hW_GNd2Q0uh5X9MZtm_P41oFMi2-KwYLj-dwUPyiON9IfLXJhlQh_SwYaNlDBAQ8nVk3NaRW6f2xs9w3jWA9st2KhgUA4Lo7aCThz2VGxd1FgKPfNG0jweyEuyuvLcdZGPWqO_Ds_5PHS3ESA8UzJGHNB5RZz03J0tSP0eEb0Q-0Gwlk4REgh0Gh4JUZInCZsaBwqU7OAbU8b9Pjoyx62Pwfbz-SiLFNW5Krsyj8Qfr4LR79k-Jc8JzQQbsSaHSTaa8wHglIwHayt02pvA0Z68fgji3EpYZGWPNHkzzDk8ny2AP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain URL
s7.addthis.com https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
ssc.33across.com https://ssc.33across.com/api/v1/hb?guid=c-2cfImqCr7ikOaKlKyvbs
ssc.33across.com https://ssc.33across.com/api/v1/hb?guid=c-2cfImqCr7ikOaKlKyvbs
ssc.33across.com https://ssc.33across.com/api/v1/hb?guid=c-2cfImqCr7ikOaKlKyvbs
ssc.33across.com https://ssc.33across.com/api/v1/hb?guid=c-2cfImqCr7ikOaKlKyvbs
ssc.33across.com https://ssc.33across.com/api/v1/hb?guid=c-2cfImqCr7ikOaKlKyvbs
ssc.33across.com https://ssc.33across.com/api/v1/hb?guid=c-2cfImqCr7ikOaKlKyvbs
trends.newsmaxwidget.com https://trends.newsmaxwidget.com/api/demand/?w=167261&wlw=newsmaxwidget.com
api.rlcdn.com https://api.rlcdn.com/api/identity/envelope?pid=13781
trends.newsmaxwidget.com https://trends.newsmaxwidget.com/event/impression


447 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


97 Cookies

Domain/Path Name / Value
www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606 Name: _liChk
Value: 0.059304724529248176
i.liadm.com/s Name: _li_ss
Value: MgYIgQEQsxMyCQj_____BxCzEw
www.newsmax.com/ Name: CMSPreferredCulture
Value: en-US
www.newsmax.com/ Name: ASP.NET_SessionId
Value: tkgn5dnvirrwpguvp4oreepu
www.newsmax.com/ Name: CMSCurrentTheme
Value: Empty
www.newsmax.com/ Name: promo_code
Value: 1034014qqur4
www.newsmax.com/ Name: BIGipServernewsmax_v11_s1_pool
Value: 1829742784.47873.0000
.newsmax.com/ Name: AKA_A2
Value: A
.newsmax.com/ Name: _gcl_au
Value: 1.1.646752622.1664898296
.newsmax.com/ Name: view_cnt
Value: 1
.newsmax.com/ Name: _ga
Value: GA1.2.295364473.1664898296
.newsmax.com/ Name: _gid
Value: GA1.2.1513219398.1664898296
.newsmax.com/ Name: _dc_gtm_UA-31221-1
Value: 1
.newsmax.com/ Name: _li_dcdm_c
Value: .newsmax.com
.newsmax.com/ Name: _lc2_fpi
Value: cd49d5059397--01gehtqt08742pagzsfxapn8vt
.newsmax.com/ Name: _fbp
Value: fb.1.1664898296020.514588309
www.newsmax.com/ Name: qcSxc
Value: 1664898296036
.quantserve.com/ Name: mc
Value: 633c54f8-10418-59660-c377b
www.newsmax.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.newsmax.com/ Name: _pubcid
Value: eb3c68b9-8677-4494-bf39-e0c8f52e758e
.liadm.com/ Name: lidid
Value: 74bf5089-c857-4ee3-a063-367df98f551d
.newsmax.com/ Name: __qca
Value: P0-1737925161-1664898296031
.newsmax.com/ Name: _gat_gtag_UA_31221_55
Value: 1
www.newsmax.com/ Name: __atuvc
Value: 1%7C40
www.newsmax.com/ Name: __atuvs
Value: 633c54f8e2513d58000
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/ Name: ljt_reader
Value: FbOQuBZHydCKcFQ0QNqIJq2a
.openx.net/ Name: i
Value: eb3c68b9-8677-4494-bf39-e0c8f52e758e|1664898297
www.newsmax.com/ Name: NMSeg
Value: PR
.rubiconproject.com/ Name: khaos
Value: L8UDGK0T-6-G7TF
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrVP+xaqWdWXQNb0fGVcfL/XWaA1sYWTLHCRi4Lg8bJK5r8b0teNyRJcT0m8oFLWmOANaZf44uYYSYbB5SW5XQ32YoH28FgeNCma+WVcS1g3g==
.addthis.com/ Name: uvc
Value: 1%7C40
.go.sonobi.com/ Name: __uis
Value: bdcc1de4-ef7b-46de-974e-0e7646dad87c
.go.sonobi.com/ Name: _usd_newsmax.com
Value: bfa05497-e610-4074-977c-46e826aadbec
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_td
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: __uir_zt
Value: 1
.go.sonobi.com/ Name: __uir_pp
Value: 1
.go.sonobi.com/ Name: __uir_eb
Value: 1
.go.sonobi.com/ Name: HAPLB8G
Value: s8515|YzxU/
.addthis.com/ Name: loc
Value: MDAwMDBFVURFU04yMzExMTkyNzAwODAwMDBDSA==
.newsmax.com/ Name: ak_bmsc
Value: A2E2D8185C4ECD1F46A95733D15E14D4~000000000000000000000000000000~
.newsmax.com/ Name: bm_sv
Value: 1BCDE7B687812CA34D71AF44AD327EC2~YAAQ7roQAjIU+1iDAQAAP++roxGGz8mUzSHrMBFMBX5hJLGS3ZZ5jR3qncZZ/m6rqZg9did3ktiq3vvCg1VqQtrdtSrA5THb9zwN6hcNm4LgnNLQR8ssqBXuCyz+2n9VBuAPkQhuN/l5l3Tvr33ycevUIpzjKo+Uzaq96zacdDdGb6bGR8jI+xB9hCbqCNIzWX8LuU3xaLMI5APrBjUDRJ4PtbhSQbRRLP1pXmomwtEz1qBKTctbvZ2vlQqxsVoT6w==~1
.mathtag.com/ Name: uuid
Value: 8765633c-54f9-4200-8159-6c977aa79157
.demdex.net/ Name: demdex
Value: 56430450375790623322768703582299557563
.bidswitch.net/ Name: tuuid
Value: 85c593c9-995f-4c2c-8115-084123a5db38
.bidswitch.net/ Name: c
Value: 1664898297
.bidswitch.net/ Name: tuuid_lu
Value: 1664898297
.dpm.demdex.net/ Name: dpm
Value: 56430450375790623322768703582299557563
.doubleclick.net/ Name: IDE
Value: AHWqTUmEmtb6f1S8JEFdGlDvg_jOiKMP08cWRns9-SoXDQ5Nj7GSOuO-jc_8CBAq05M
.addthis.com/ Name: na_id
Value: 2022100415445700090465129697
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 633c54f9591fee5e
.addthis.com/ Name: ouid
Value: 633c54f90001fe7c2c8c6284f45017909e073b18becdb5174d85
.dlx.addthis.com/ Name: na_sc_x
Value: 1
.newsmax.com/ Name: FCNEC
Value: %5B%5B%22AKsRol8ScIflJrYdx1evECQ0Brcplr-z31CYjnZ6IbWxu-uL4hqAVJL4L3GTaKmmK27MgMbPZjUJb3UvQ7lAS6jl3Pev3_6krVQHwutD3_OLn5eJJJ-ANwlPLhlbTqFpLNFPgYVK5Tzv741iDApdjYI7g-ryx9k6rg%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.newsmax.com/ Name: __gads
Value: ID=24b6a1260d8aa147:T=1664898299:S=ALNI_MZh_spvQjWqZ0OtHohhAdkV36_PQw
www.newsmax.com/ Name: _lr_retry_request
Value: true
www.newsmax.com/ Name: _lr_env_src_ats
Value: false
www.newsmax.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-10-04T15%3A45%3A00%22%7D
.newsmax.com/ Name: panoramaId_expiry
Value: 1664984700383
.doubleclick.net/ Name: DSID
Value: NO_DATA
.openx.net/ Name: pd
Value: v2|1664898302|mOgeginskin0vNomiygu
.creative-serving.com/ Name: tuuid
Value: e56cce14-5d30-46fb-9b86-eab3d073ef9d
.creative-serving.com/ Name: c
Value: 1664898302
.creative-serving.com/ Name: tuuid_lu
Value: 1664898302
.newsmax.com/ Name: cto_bidid
Value: kFExfV9qQlpyUmhjU3RZcmJVWnZEZFF2bEJFUE00JTJGck9KdyUyRllJV0V4UlBLU2U1MiUyRlFPMERMQlJmM3VPUjdNSHNIcjc1alV3TnlZcUl6VUltamZVOXdBNjJWdyUzRCUzRA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1slymtoZmZiYWlhbGBkYmgEAEQVC9MQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjQwNzc3MjI3sbAwNDY2NRPiM9Qtd_RyyfBPDCl3Li8HALC7P0UlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjQwNzc3MjI3sbAwNDY2NRPiM9Qtd_RyyfBPDCl3Li8HALC7P0UlAAAA
.adnxs.com/ Name: uuid2
Value: 7625102834525118574
.quantserve.com/ Name: d
Value: EI0BDAGgJ4qsMA
.rqtrk.eu/ Name: browser_id
Value: 1:d3deaf74-227f-411c-a1de-ed6a42765109
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: wfivefivec
Value: 8hukU1S61OFK6q5
.w55c.net/ Name: matchopenx
Value: 5
.adform.net/ Name: uid
Value: 6050012896084310550
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 0d2e15f981b479ac
.go.sonobi.com/ Name: HAPLB8S
Value: s8654|YzxU7
.casalemedia.com/ Name: CMID
Value: YzxU-1Hzo3HI-aHYprnZPgAA
.casalemedia.com/ Name: CMPS
Value: 1194
.casalemedia.com/ Name: CMPRO
Value: 1194
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&4c1acdc3-0365-4d7a-865b-4d35184c358e"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjQ4OTgzMDM7MjswMjFZ93EiIfjPIiYDJBndOEvOrkSVZn3bgJoAGjc3kSRCNQ==
.linkedin.com/ Name: lidc
Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2354:u=1:x=1:i=1664898303:t=1664984703:v=2:sig=AQEAvdkDyVs8QsHJS-ut-Mn3jEb3N8cl"
.amazon-adsystem.com/ Name: ad-id
Value: A9Rl271kIUkmiPGD2ASQRfQ
.yahoo.com/ Name: A3
Value: d=AQABBABVPGMCEJ8cD_BC2n-QxzDY_-e5nuwFEgEBAQGmPWNGYwAAAAAA_eMAAA&S=AQAAAluQBIeisp8Upx_8BRPNBHQ
.casalemedia.com/ Name: CMTS
Value: 5165
.www.newsmax.com/ Name: RT
Value: "z=1&dm=www.newsmax.com&si=3c2af598-2ba1-4c1c-984e-5a044ba18f69&ss=l8udgg3s&sl=1&tt=ag6&bcn=%2F%2F02179912.akstat.io%2F&ld=agc"
.newsmax.com/ Name: _gat_UA-31221-1
Value: 1
.criteo.com/ Name: uid
Value: 8a3a256e-bdd4-4214-b8c4-4d969e2048cb
.newsmax.com/ Name: cto_bundle
Value: 5l-hAF82TEk4T2dKaUJsRVl3SEg3dTl5T1FlaENmd3BzNjFHeEFlUUVUJTJCMloxSllZTFAwSXclMkZrS2t4TDJxWU1iRldZTXF3USUyRjhzckRicGZGRkc4ZGVCWEdZcktQclVkZWR0dlBwQ1pOMW9UViUyQm40YVhtalRBOFBDRERnZU1iY2xZSVdIWXBQbEM2S0ZhMWdsSkR0SWkzdVJpZyUzRCUzRA
.nr-data.net/ Name: JSESSIONID
Value: 244591c2da661921

4 Console Messages

Source Level URL
Text
javascript warning URL: https://cdnapisec.kaltura.com/p/2216081/embedPlaykitJs/uiconf_id/46496733?autoembed=true&targetId=kaltura_player_935900750&entry_id=1_y3kljhtk(Line 16)
Message:
Unmuting failed and the element was paused instead because the user didn't interact with the document before. https://goo.gl/xX8pDD
other warning URL: https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript error URL: https://www.newsmax.com/newsfront/defense-contractor-ransomware/2022/09/29/id/1089606/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13781' from origin 'https://www.newsmax.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13781
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This section lists the security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
