www.newsha.de Open in urlscan Pro
37.157.250.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cdn.newsha.com/
Effective URL:
https://www.newsha.de/
Submission: On December 12 via manual (December 12th 2022, 10:17:17 am UTC) from HU — Scanned from DE

Summary HTTP 199 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 61 IPs in 8 countries across 50 domains to perform 199 HTTP transactions. The main IP is 37.157.250.10, located in Germany and belongs to MYLOC-AS IP Backbone of myLoc managed IT AG, DE. The main domain is www.newsha.de.
TLS certificate: Issued by R3 on November 24th 2022. Valid for: 3 months.

This is the only time www.newsha.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 74	2606:4700:20:... 2606:4700:20::ac43:4698	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	37.157.250.10 37.157.250.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	172.65.208.22 172.65.208.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.99.30 13.32.99.30	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	172.65.202.201 172.65.202.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.238.60 172.65.238.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.192.122 172.65.192.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.156.60.5 108.156.60.5	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:3a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 38	2606:4700::68... 2606:4700::6810:5d72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	3.127.193.212 3.127.193.212	16509 (AMAZON-02) (AMAZON-02)
1	172.65.193.34 172.65.193.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::d 2a02:2638:1::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.190.85.25 35.190.85.25	15169 (GOOGLE) (GOOGLE)
2	172.65.232.43 172.65.232.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
4 5	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	172.65.240.166 172.65.240.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	3.126.197.232 3.126.197.232	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.251.89.118 34.251.89.118	16509 (AMAZON-02) (AMAZON-02)
1	104.79.88.129 104.79.88.129	16625 (AKAMAI-AS) (AKAMAI-AS)
1	64.202.112.255 64.202.112.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.28.99.48 52.28.99.48	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.106 185.86.139.106	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	3.71.169.66 3.71.169.66	16509 (AMAZON-02) (AMAZON-02)
1	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	52.31.124.224 52.31.124.224	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.93.179.84 54.93.179.84	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4264:f0dc:d918:bf86:3244	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.44.72.208 23.44.72.208	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.194.137.201 54.194.137.201	16509 (AMAZON-02) (AMAZON-02)
1	54.72.96.20 54.72.96.20	16509 (AMAZON-02) (AMAZON-02)
1	3.133.55.161 3.133.55.161	16509 (AMAZON-02) (AMAZON-02)
199	61

74 2606:4700:20::ac43:4698 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.newsha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.250.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

www.newsha.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-30.fra60.r.cloudfront.net

integrations.etrusted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.156.60.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-5.ams1.r.cloudfront.net

widgets.trustedshops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:3a2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.widget.trengo.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2606:4700::6810:5d72 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

customer-2so3acq3hzsb0mrj.cloudflarestream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.193.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: vip-widget2.trengo.io

api.widget.trengo.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.193.34 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.85.25 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 25.85.190.35.bc.googleusercontent.com

static.trbo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.232.43 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-eu1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

collect.trbo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-v4.trbo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:1::13 (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.240.166 (United States)

ASN13335 (CLOUDFLARENET, US)

track-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.197.232 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-197-232.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.154.237 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.89.118 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-89-118.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.79.88.129 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-129.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.99.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-99-48.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.106 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.169.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.124.224 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-124-224.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.179.84 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-179-84.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:f0dc:d918:bf86:3244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.44.72.208 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-72-208.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.137.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-137-201.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.96.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-96-20.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.133.55.161 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-133-55-161.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
74	newsha.com 2 redirects cdn.newsha.com	3 MB
38	cloudflarestream.com 4 redirects customer-2so3acq3hzsb0mrj.cloudflarestream.com	8 MB
10	criteo.com 4 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3792 gum.criteo.com — Cisco Umbrella Rank: 399 mug.criteo.com — Cisco Umbrella Rank: 3032 sslwidget.criteo.com — Cisco Umbrella Rank: 1722 dis.criteo.com — Cisco Umbrella Rank: 700	27 KB
8	google.com maps.google.com — Cisco Umbrella Rank: 2114 www.google.com — Cisco Umbrella Rank: 2	211 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28 region1.google-analytics.com — Cisco Umbrella Rank: 3983	41 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	380 KB
5	newsha.de www.newsha.de	95 KB
4	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 81 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	1 KB
4	trengo.eu static.widget.trengo.eu — Cisco Umbrella Rank: 100001 api.widget.trengo.eu — Cisco Umbrella Rank: 88040	312 KB
3	trbo.com static.trbo.com — Cisco Umbrella Rank: 96578 collect.trbo.com — Cisco Umbrella Rank: 81115 api-v4.trbo.com — Cisco Umbrella Rank: 95012	83 KB
3	trustedshops.com widgets.trustedshops.com — Cisco Umbrella Rank: 27866	91 KB
3	hs-banner.com js-eu1.hs-banner.com — Cisco Umbrella Rank: 25833	16 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	132 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	191 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 206	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 287	508 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 684	853 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1317	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 218	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	872 B
2	google.de www.google.de — Cisco Umbrella Rank: 7952	564 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	203 B
2	hsforms.com forms-eu1.hsforms.com — Cisco Umbrella Rank: 45979	630 B
2	hubspot.com forms-eu1.hubspot.com — Cisco Umbrella Rank: 39543 track-eu1.hubspot.com — Cisco Umbrella Rank: 27922	2 KB
2	hs-scripts.com js-eu1.hs-scripts.com — Cisco Umbrella Rank: 24170	1 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1795	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 549	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1924	220 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 5106	525 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 41808	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2306	183 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 657	581 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1294	878 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2571	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 448	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 827	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1537	163 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 770	55 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 350	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1872	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1270	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 563	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 506	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 321	239 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 737	145 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 553	799 B
1	hscollectedforms.net js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 40636	25 KB
1	hs-analytics.net js-eu1.hs-analytics.net — Cisco Umbrella Rank: 26388	20 KB
1	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 371	449 B
1	etrusted.com integrations.etrusted.com — Cisco Umbrella Rank: 99597	2 KB
199	50

	Domain	Requested by
74	cdn.newsha.com	2 redirects www.newsha.de cdn.newsha.com
38	customer-2so3acq3hzsb0mrj.cloudflarestream.com	4 redirects cdn.newsha.com customer-2so3acq3hzsb0mrj.cloudflarestream.com www.newsha.de
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.newsha.de
5	gum.criteo.com	4 redirects dynamic.criteo.com
5	www.google.com	cdn.newsha.com www.gstatic.com www.newsha.de www.google.com
5	www.newsha.de	cdn.newsha.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	static.widget.trengo.eu	www.newsha.de static.widget.trengo.eu
3	widgets.trustedshops.com	www.newsha.de widgets.trustedshops.com
3	js-eu1.hs-banner.com	js-eu1.hs-scripts.com js-eu1.hs-banner.com
3	connect.facebook.net	www.newsha.de connect.facebook.net
3	www.googletagmanager.com	www.newsha.de www.googletagmanager.com
3	maps.google.com	www.newsha.de maps.google.com
2	dpm.demdex.net	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	cm.g.doubleclick.net	2 redirects
2	x.bidswitch.net	1 redirects
2	fonts.gstatic.com	www.google.com
2	www.google.de	www.newsha.de
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.facebook.com	www.newsha.de
2	forms-eu1.hsforms.com	www.newsha.de
2	js-eu1.hs-scripts.com	www.newsha.de www.googletagmanager.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	e1.emxdgt.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	sync.outbrain.com
1	contextual.media.net
1	sslwidget.criteo.com	dynamic.criteo.com
1	track-eu1.hubspot.com
1	mug.criteo.com	www.newsha.de
1	api-v4.trbo.com	static.trbo.com
1	collect.trbo.com	static.trbo.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.trbo.com	www.newsha.de
1	dynamic.criteo.com	www.googletagmanager.com
1	forms-eu1.hubspot.com	js-eu1.hscollectedforms.net
1	api.widget.trengo.eu	static.widget.trengo.eu
1	js-eu1.hscollectedforms.net	js-eu1.hs-scripts.com
1	js-eu1.hs-analytics.net	js-eu1.hs-scripts.com
1	maps.googleapis.com	maps.google.com
1	integrations.etrusted.com	www.newsha.de
199	62

This site contains links to these domains. Also see Links.

Domain
www.newsha.pro
www.newsha.at
www.newsha.ch
www.newsha.co.uk
www.newsha.nl
www.newsha.com
kr.newsha.com
in.newsha.com
www.glamour.de
wa.me
www.instagram.com
tierversuchsfrei.peta-approved.de
www.facebook.com
www.youtube.com
www.crueltyfreeinternational.org

Subject Issuer	Validity	Valid
dev.newsha.com R3	`2022-11-24` - `2023-02-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-28` - `2023-07-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
integrations.etrusted.com Amazon	`2022-04-06` - `2023-05-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-20` - `2022-12-19`	3 months	crt.sh
widgets.trustedshops.com Amazon	`2022-07-25` - `2023-08-23`	a year	crt.sh
trengo.eu Cloudflare Inc ECC CA-3	`2022-02-13` - `2023-02-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
api.widget.trengo.eu R3	`2022-10-24` - `2023-01-22`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
static.trbo.com GTS CA 1D4	`2022-11-20` - `2023-02-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
collect.trbo.com GTS CA 1D4	`2022-10-21` - `2023-01-19`	3 months	crt.sh
api-v4.trbo.com GTS CA 1D4	`2022-10-19` - `2023-01-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
itm.ivitrack.com R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.newsha.de/
Frame ID: F8152808F9150E79C1A45BDBD120BC61
Requests: 126 HTTP requests in this frame

Frame: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
Frame ID: 81AEF7B60268EB72F94A1B53F1DCCC92
Requests: 18 HTTP requests in this frame

Frame: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
Frame ID: EF1EC0779E2F396DFAA29E1B7496EBA0
Requests: 18 HTTP requests in this frame

Frame: https://static.widget.trengo.eu/widget.js?id=f97995da972e7a153d5bf2e150bd6021
Frame ID: 9909288ACBC5CC195FC1E0882990121D
Requests: 2 HTTP requests in this frame

Frame: https://collect.trbo.com/i/c.php?browser_type=&channel=typein&cl=14003&click_type=typein&pg=www.newsha.de%2F&device=&device_type=desktop&group=-1&has_flash=NaN&is_adclick=NaN&is_click_in=1&is_mobile=0&is_organic=NaN&is_referrer=NaN&is_tablet=0&is_typein=1&os=&protocol=https&rand=351693969.2668748&uid=9221f684bfcf990fee0b68cfcc6da415&sid=1219911633&pt=4&td=%7B%22slots%22%3A%7B%7D%2C%22data%22%3A%7B%7D%7D&rnd=1670840231621&stot=1
Frame ID: 9785AE912A6D8293D3CC74C5CC7D7A82
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.newsha.de&origin=onetag
Frame ID: F901160C71D09D3EBC9C3ECC976D1E76
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff7TQbAAAAAA-CdCZjLoKFpGXCnHO-CcE_9vuV&co=aHR0cHM6Ly93d3cubmV3c2hhLmRlOjQ0Mw..&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&badge=inline&cb=23drlktcy7yd
Frame ID: 4764BD5CF1195EB59BB490F77CB81EC2
Requests: 7 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-iM2pimVUWiox0khS_lq1bXZGCP_Nuh9eeouuzg&expires=30
Frame ID: F73FCA83052BB2BF44DCC95FDEC28F29
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Exklusive Haarpflege- & Stylingprodukte | NEWSHA

Page URL History Show full URLs

http://cdn.newsha.com/ HTTP 301
https://cdn.newsha.com/ HTTP 302
https://www.newsha.de/ Page URL

Detected technologies

Magento (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<script [^>]+data-requiremodule="Magento_

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

199
Requests

93 %
HTTPS

31 %
IPv6

50
Domains

62
Subdomains

61
IPs

8
Countries

13049 kB
Transfer

19555 kB
Size

63
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.newsha.pro/
Title: FRISEUR? HIER ZU NEWSHA.PRO

Search URL Search Domain Scan URL

URL: https://www.newsha.at/
Title: ÖSTERREICH (EUR €)

Search URL Search Domain Scan URL

URL: https://www.newsha.ch/
Title: SCHWEIZ (EUR €)

Search URL Search Domain Scan URL

URL: https://www.newsha.co.uk/
Title: UNITED KINGDOM (GBP £)

Search URL Search Domain Scan URL

URL: https://www.newsha.nl/
Title: NEDERLAND (EUR €)

Search URL Search Domain Scan URL

URL: https://www.newsha.com/eu
Title: EUROPE (EUR €)

Search URL Search Domain Scan URL

URL: https://kr.newsha.com/
Title: 한국 (KRW ₩)

Search URL Search Domain Scan URL

URL: https://in.newsha.com/
Title: भारत (INR ₹)

Search URL Search Domain Scan URL

URL: https://www.glamour.de/service/page/shoppingweek-die-app
Title: GLAMOUR Shopping Week

Search URL Search Domain Scan URL

URL: https://wa.me/+4915735980409
Title: WHATSAPP SCHREIBEN

Search URL Search Domain Scan URL

URL: https://www.instagram.com/newshahaircare/?hl=de
Title: @newshahaircare

Search URL Search Domain Scan URL

URL: https://tierversuchsfrei.peta-approved.de/company/newsha/
Title: Liste der Kosmetikhersteller

Search URL Search Domain Scan URL

URL: https://www.facebook.com/newshahaircare

Search URL Search Domain Scan URL

URL: https://www.instagram.com/newshahaircare/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCvCma0A26rvr81jZOATAaCg

Search URL Search Domain Scan URL

URL: https://www.crueltyfreeinternational.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cdn.newsha.com/ HTTP 301
https://cdn.newsha.com/ HTTP 302
https://www.newsha.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0a432246706dc358c9294d5e8b8d072b HTTP 301
https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js

Request Chain 89

https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=7c81f1b42be4c41221936234413ef2ac HTTP 301
https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js

Request Chain 128

https://gum.criteo.com/sid/json?origin=onetag&domain=newsha.de&sn=ChromeSyncframe&so=0&topUrl=www.newsha.de&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=HMgaKXxCRzdJR0s3TDNEdmhtd1ltazk0a05KdmJMTXlwdTI2SHB1VU9NMG1yc2d6S1YxdHdyTW5ocXQ4eFZGdDZBRHptczJPbFdjZHhWNmswbUtLUVJDcTZic2JETm9xaUtxZ1lOOFBiaE1IMDgxN2pLaFB2dElJeFF5ZnlDc3dUYzR6bU5OYWRkcXgxUDNLa09KZVdpdFdxZlZrc1ROU3NIOWVpU1RmaXhtU1NoMFlxc2lQSUFYZW0vTWhoQ20zRE9zeXppdTZnaEYrU2NzQ2lRUVE4UmorbUwyelJON050VXJTMG5hSkhZVlc2VnA3d3kyQmFHQjhNY21NZGlCbXVlSlJseEpnMWtMbGRjemxvQ0NCbmFoaXlOZz09fA&cppv=2

Request Chain 148

https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/beacon/media?m=eyJ0ciI6eyJyIjoxLCJsIjowLCJ0IjowLCJkIjowLCJzeiI6MCwidiI6IjBhNDMyMjQ2NzA2ZGMzNThjOTI5NGQ1ZThiOGQwNzJiIiwidnAiOjEsInB2IjowLCJwaCI6MCwidmVycyI6IjVkNWM0NWQiLCJpIjoiZTAzNjRjMGI4YTM3NGMxMjg4OTNjZTkyOGYxZDlhMjYiLCJpbnQiOnsidHdxYiI6MCwidHdxciI6MH0sInNlcSI6MX0sImJldiI6W10sInFldiI6W10sInNldiI6W10sImwiOjAsImIiOjAsInQiOjAsImQiOjAsInN6IjowLCJ2IjoiMGE0MzIyNDY3MDZkYzM1OGM5Mjk0ZDVlOGI4ZDA3MmIiLCJpIjoiZTAzNjRjMGI4YTM3NGMxMjg4OTNjZTkyOGYxZDlhMjYiLCJjYnIiOjAsImNyIjowLCJ2cCI6MSwidmVycyI6IjVkNWM0NWQiLCJyIjoxLCJyZXFfaWQiOiI0Yzk3MTBjNS0xZThiLTRlYmEtODFhYi1lMGY2ZGExNjJlOWIiLCJfdHMiOiIxNjcwODQwMjMyMjkzIn0%3D&cs=VGhlIENsb3VkZmxhcmUgU3RyZWFtIHRlYW0gaXMgaGlyaW5nISBFbWFpbCByZW5hbkBjbG91ZGZsYXJlLmNvbQ%3D%3D&req_id=4c9710c5-1e8b-4eba-81ab-e0f6da162e9b&_ts=1670840232293&l=0&b=0&t=0&d=0&sz=0&v=0a432246706dc358c9294d5e8b8d072b&i=e0364c0b8a374c128893ce928f1d9a26&cbr=0&cr=0&vp=1&vers=5d5c45d&r=1 HTTP 302
https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/cdn-cgi/beacon/media?m=eyJ0ciI6eyJyIjoxLCJsIjowLCJ0IjowLCJkIjowLCJzeiI6MCwidiI6IjBhNDMyMjQ2NzA2ZGMzNThjOTI5NGQ1ZThiOGQwNzJiIiwidnAiOjEsInB2IjowLCJwaCI6MCwidmVycyI6IjVkNWM0NWQiLCJpIjoiZTAzNjRjMGI4YTM3NGMxMjg4OTNjZTkyOGYxZDlhMjYiLCJpbnQiOnsidHdxYiI6MCwidHdxciI6MH0sInNlcSI6MX0sImJldiI6W10sInFldiI6W10sInNldiI6W10sImwiOjAsImIiOjAsInQiOjAsImQiOjAsInN6IjowLCJ2IjoiMGE0MzIyNDY3MDZkYzM1OGM5Mjk0ZDVlOGI4ZDA3MmIiLCJpIjoiZTAzNjRjMGI4YTM3NGMxMjg4OTNjZTkyOGYxZDlhMjYiLCJjYnIiOjAsImNyIjowLCJ2cCI6MSwidmVycyI6IjVkNWM0NWQiLCJyIjoxLCJyZXFfaWQiOiI0Yzk3MTBjNS0xZThiLTRlYmEtODFhYi1lMGY2ZGExNjJlOWIiLCJfdHMiOiIxNjcwODQwMjMyMjkzIn0%3D&cs=VGhlIENsb3VkZmxhcmUgU3RyZWFtIHRlYW0gaXMgaGlyaW5nISBFbWFpbCByZW5hbkBjbG91ZGZsYXJlLmNvbQ%3D%3D&req_id=4c9710c5-1e8b-4eba-81ab-e0f6da162e9b&_ts=1670840232293&l=0&b=0&t=0&d=0&sz=0&v=0a432246706dc358c9294d5e8b8d072b&i=e0364c0b8a374c128893ce928f1d9a26&cbr=0&cr=0&vp=1&vers=5d5c45d&r=1&_a=27794735

Request Chain 151

https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/beacon/media?m=eyJ0ciI6eyJyIjoxLCJsIjowLCJ0IjoxLCJkIjowLCJzeiI6MCwidiI6IjdjODFmMWI0MmJlNGM0MTIyMTkzNjIzNDQxM2VmMmFjIiwidnAiOjEsInB2IjowLCJwaCI6MCwidmVycyI6IjVkNWM0NWQiLCJpIjoiZWEwMjBkY2ZhZTU5NDVmN2JhMWU2N2M1M2U1YmNkMTYiLCJpbnQiOnsidHdxYiI6MCwidHdxciI6MH0sInNlcSI6MX0sImJldiI6W10sInFldiI6W10sInNldiI6W10sImwiOjAsImIiOjAsInQiOjEsImQiOjAsInN6IjowLCJ2IjoiN2M4MWYxYjQyYmU0YzQxMjIxOTM2MjM0NDEzZWYyYWMiLCJpIjoiZWEwMjBkY2ZhZTU5NDVmN2JhMWU2N2M1M2U1YmNkMTYiLCJjYnIiOjAsImNyIjowLCJ2cCI6MSwidmVycyI6IjVkNWM0NWQiLCJyIjoxLCJyZXFfaWQiOiJlMjdjM2ViOC1hMDZjLTRmY2MtOTJhYS03N2MwMDRiMjgyNWIiLCJfdHMiOiIxNjcwODQwMjMyMzA5In0%3D&cs=VGhlIENsb3VkZmxhcmUgU3RyZWFtIHRlYW0gaXMgaGlyaW5nISBFbWFpbCByZW5hbkBjbG91ZGZsYXJlLmNvbQ%3D%3D&req_id=e27c3eb8-a06c-4fcc-92aa-77c004b2825b&_ts=1670840232309&l=0&b=0&t=1&d=0&sz=0&v=7c81f1b42be4c41221936234413ef2ac&i=ea020dcfae5945f7ba1e67c53e5bcd16&cbr=0&cr=0&vp=1&vers=5d5c45d&r=1 HTTP 302
https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/cdn-cgi/beacon/media?m=eyJ0ciI6eyJyIjoxLCJsIjowLCJ0IjoxLCJkIjowLCJzeiI6MCwidiI6IjdjODFmMWI0MmJlNGM0MTIyMTkzNjIzNDQxM2VmMmFjIiwidnAiOjEsInB2IjowLCJwaCI6MCwidmVycyI6IjVkNWM0NWQiLCJpIjoiZWEwMjBkY2ZhZTU5NDVmN2JhMWU2N2M1M2U1YmNkMTYiLCJpbnQiOnsidHdxYiI6MCwidHdxciI6MH0sInNlcSI6MX0sImJldiI6W10sInFldiI6W10sInNldiI6W10sImwiOjAsImIiOjAsInQiOjEsImQiOjAsInN6IjowLCJ2IjoiN2M4MWYxYjQyYmU0YzQxMjIxOTM2MjM0NDEzZWYyYWMiLCJpIjoiZWEwMjBkY2ZhZTU5NDVmN2JhMWU2N2M1M2U1YmNkMTYiLCJjYnIiOjAsImNyIjowLCJ2cCI6MSwidmVycyI6IjVkNWM0NWQiLCJyIjoxLCJyZXFfaWQiOiJlMjdjM2ViOC1hMDZjLTRmY2MtOTJhYS03N2MwMDRiMjgyNWIiLCJfdHMiOiIxNjcwODQwMjMyMzA5In0%3D&cs=VGhlIENsb3VkZmxhcmUgU3RyZWFtIHRlYW0gaXMgaGlyaW5nISBFbWFpbCByZW5hbkBjbG91ZGZsYXJlLmNvbQ%3D%3D&req_id=e27c3eb8-a06c-4fcc-92aa-77c004b2825b&_ts=1670840232309&l=0&b=0&t=1&d=0&sz=0&v=7c81f1b42be4c41221936234413ef2ac&i=ea020dcfae5945f7ba1e67c53e5bcd16&cbr=0&cr=0&vp=1&vers=5d5c45d&r=1&_a=27794735

Request Chain 162

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-iM2pimVUWiox0khS_lq1bXZGCP_Nuh9eeouuzg&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-iM2pimVUWiox0khS_lq1bXZGCP_Nuh9eeouuzg&expires=30

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-uAtOdmVUWiox0khS_lq1bXZGCP-udgxvi_7sPw&google_cm&google_hm=ay11QXRPZG1WVVdpb3gwa2hTX2xxMWJYWkdDUC11ZGd4dmlfN3NQdw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-uAtOdmVUWiox0khS_lq1bXZGCP-udgxvi_7sPw&google_cm=&google_hm=ay11QXRPZG1WVVdpb3gwa2hTX2xxMWJYWkdDUC11ZGd4dmlfN3NQdw&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-uAtOdmVUWiox0khS_lq1bXZGCP-udgxvi_7sPw&google_gid=CAESEP6PCDhoY1rYxrki4-DQjL0&google_cver=1&google_ula=913071,0

Request Chain 164

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1546932572949589679

Request Chain 165

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-pGmQBGVUWiox0khS_lq1bXZGCP934YpYYacgOQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-pGmQBGVUWiox0khS_lq1bXZGCP934YpYYacgOQ&C=1

Request Chain 166

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-wLjOm2VUWiox0khS_lq1bXZGCP_GdUuQVHlNFw HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-wLjOm2VUWiox0khS_lq1bXZGCP_GdUuQVHlNFw

Request Chain 175

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-UDBNeWVUWiox0khS_lq1bXZGCP_rmIOW07Sppw HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-UDBNeWVUWiox0khS_lq1bXZGCP_rmIOW07Sppw&verify=true

Request Chain 179

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=vlhsnZWQsIPLZZCjUGs93K9mBe_7wFts HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=vlhsnZWQsIPLZZCjUGs93K9mBe_7wFts

Request Chain 190

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=6J9KA7HrBGqrSqjsBDOC0NSXsOL9FiBr

Request Chain 191

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=d0FrXunMmr8hVU9WO_IdesqGYsxDQImN

199 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.newsha.de/
Redirect Chain

http://cdn.newsha.com/
https://cdn.newsha.com/
https://www.newsha.de/

375 KB
90 KB

54ms
18ms

Document
text/html

37.157.250.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newsha.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

37.157.250.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

nginx / Newsha2

Resource Hash

d31a033df922835f970154ce3491656ee1fc080f8d87cac95ba606b8a6656b30

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-length: 91272
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Mon, 12 Dec 2022 10:17:10 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HITv6
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Newsha2
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7785b56b09745b74-FRA
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Mon, 12 Dec 2022 10:17:09 GMT
expires: Sun, 12 Dec 2021 10:17:09 GMT
location: https://www.newsha.de/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTvqp64uB9dNW%2F6xuXGjpHikzD%2FhQ0E9iLN8ohY%2FnuOpCxD3dSAOpREto6q1ipTiE3uE3mi6qyfn4EZu%2BtT8HVmzCLJQw6nFBviHikchS3bi9Ea10Fu4codQ9JDhpHp%2Fq3F1hkcw%2BpDk1z5t"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-powered-by: PHP/7.3.33 Newsha1
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 0a177d5c1c1284535d3a6c3ddc28be71.min.css
cdn.newsha.com/static/_cache/merged/ 937 KB
143 KB 85ms
83ms Stylesheet
text/css 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/_cache/merged/0a177d5c1c1284535d3a6c3ddc28be71.min.css

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c64ce529876d3eafcc20b1e185c1e40bd4e7dc811f15efa6a152fc35a140e5aa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 08:43:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5544
etag: W/"63735122-ea494"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rmxjzr9WMHVYOUdYCQmmaVeJYXVwEv6w5vNTRNTDu9I5Q4G6psW16%2B%2Fueol%2BDPbSLRrrtQyOnTUgyIo%2B%2F8ZFJSDd1%2BrxRGFTxMcon9BvIk6thlHvz%2F6o1QAnTRvaQJwkhiWZ5%2F5MsRoUPY7s"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56ddd675b74-FRA

GET
H2 200 styles-l.min.css
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/ 209 KB
30 KB 84ms
82ms Stylesheet
text/css 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/styles-l.min.css

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63272315487ccd5d8dd84714962100f1e0b697e660d7080b1450a1269d93e2e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3018
etag: W/"63734e95-34214"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mrn8AZtmcH%2F4FhhkBCjcnvjqhaPhKaTAF7d8s%2B2Bp5tjKqmj0jK7wB%2BeHWT3wb%2Bq51YrdgzmwPwG5T4mVwUHyKPvYY%2BxN78boS%2FwwFhssBtPnCbtNWMKnSeeFQ7ln0xLsfzf7Uv1hXbA2%2Bsv"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56ddd6c5b74-FRA

GET
H2 200 custom.min.css
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/ 199 KB
41 KB 85ms
82ms Stylesheet
text/css 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/custom.min.css

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67ba7536a6925a22e5a74f9a8b9ddc0b73f1f17011c18b545e17ca2155f00ef1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 16:47:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3018
etag: W/"63878916-31a36"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSlwXj9dLfOsKxep1Eo0KbdXAENHObpw3copvQmu7In6wuRjDqbuLFPhm%2F8i%2BDd1%2BvXtsFfJtDmK2w5YgPZZD2R%2BSpy8MbKCqLotoyS7KiGf5vDa7LGxNdZhBzrt2KShHrx154rN4De70VRV"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56ddd705b74-FRA

GET
H2 200 require.js Show response
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/requirejs/ 25 KB
8 KB 93ms
91ms Script
application/javascript 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/requirejs/require.js

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87702195a07a986a77d2ae5439c0497f47a49fcd59f2139ca648fee02e2da13c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3018
cf-polished: origSize=82717
cf-bgj: minify
last-modified: Tue, 15 Nov 2022 08:32:24 GMT
server: cloudflare
etag: W/"63734e98-1431d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPmbo5l7GuO%2FLTzmnH6ReSAgZErLMsT9cDX9SYtLY3%2Fazf1BrNgxmjKenUoS%2B2TEzmHQSPwStkiq53e6%2Fy9bOsENwf2%2BqqphQdtz2UjbN30YfEaI2JWiqFpYCvzHs3ahAEKjTpwen3RRspbA"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56ddd855b74-FRA

GET
H2 200 shared.js Show response
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/bundles/ 1 MB
348 KB 64ms
62ms Script
application/javascript 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/bundles/shared.js

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02fb73024c3e21b986fd1327859d0fc8c135c29b38abc8e2fb7f1a3cb7e067e0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3018
cf-polished: origSize=1282383
cf-bgj: minify
last-modified: Tue, 15 Nov 2022 08:32:59 GMT
server: cloudflare
etag: W/"63734ebb-13914f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CnuT1e31kyN9egAJ%2FpBkMoNEIr1FzubEnQR4SI87LdyevTdHEpWqPV9eGgga4APRPMbFm0tEsgtzdSQtMG7k%2BQNBQBVRWvZiBMW379A7W6tefdVUsQs%2F69tqiLN6HJ%2BEWOtSY8Z8HvEQnB3"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56ddd865b74-FRA

GET
H2 200 cms-index-index.js Show response
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/bundles/ 97 KB
30 KB 50ms
48ms Script
application/javascript 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/bundles/cms-index-index.js

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9c73531083ffaa8fab5de4c81d032633515bd0f8276e5034321b6493c0d8063

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5544
cf-polished: origSize=99089
cf-bgj: minify
last-modified: Tue, 15 Nov 2022 08:32:59 GMT
server: cloudflare
etag: W/"63734ebb-18311"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEg31WceEyEJKlPd75yYeR2vC4ktVY0JmUpDUriGHky3kFAmx6nmUGyaMIkqtcCqbN1qwJEkNSx0loh7rXu4rBf9gbF1O%2BfGdiIOddUPk2DIhKI%2BTg2YB085%2BBzw%2BTVNEfK1NkUyWq4QUv05"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56ddd885b74-FRA

GET
H2 200 mixins.js Show response
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/mage/requirejs/ 3 KB
1 KB 60ms
59ms Script
application/javascript 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/mage/requirejs/mixins.js

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e49ccdecfde5faf1fc5998e8cfc36cebfbc17d95b04fd22fb1f42c54cb9630

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3018
cf-polished: origSize=7704
cf-bgj: minify
last-modified: Tue, 15 Nov 2022 08:32:24 GMT
server: cloudflare
etag: W/"63734e98-1e18"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FrRMcVSOYigNrAHi9d982dwW%2F80qaM%2F%2Ba436f6d4hE3nrQtz95ahizY9GmkYJjKjA5w1vEkx6lE5aUKSgbOEO8ZB5aZbfk6U9R9kaKX%2FtlY6XgQaESWbdACMq68kw9fdOe6h8V55OYiwq72"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56ddd915b74-FRA

GET
H2 200 requirejs-config.js Show response
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/ 24 KB
5 KB 60ms
58ms Script
application/javascript 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/requirejs-config.js

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5327ee259b28c6a0dc3d706e88c285dd8e12d3db92d41afbbeae30a35980a88b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3018
cf-polished: origSize=48312
cf-bgj: minify
last-modified: Tue, 15 Nov 2022 08:32:24 GMT
server: cloudflare
etag: W/"63734e98-bcb8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oj2m5LNHR3vT5SaYdghyM0IYAdFZicWrMTX3aOwia2WnzMhNHLfDuliff8ZC2EX4Xz%2FCQiaXymFUvm297qCQi%2BQf2Y4QscYvDU7o9e5%2FvvpU5dlbdYCe7IJPYBvqPAA%2FqrHo6H0DErRzdHTB"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56ddd9a5b74-FRA

GET
H2 200 polyfill.js Show response
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/mage/ 2 KB
1 KB 84ms
83ms Script
application/javascript 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/mage/polyfill.js

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4383fbed4e42bec183d5c8578bad85e74e8a73a858c300139018b3614c04d1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3018
cf-polished: origSize=5203
cf-bgj: minify
last-modified: Tue, 15 Nov 2022 08:32:24 GMT
server: cloudflare
etag: W/"63734e98-1453"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNbgH8cZGZkzInJ92eNCJdjQ%2Bhnq1cu1XnSEl8K7LfUemQWB2hFrdjC4VKUsZIIjvGeG0OB7jFZ7HF0Lf6BUUz3ICQsi7CLXbMP6imt%2BVNG9vaItIUHc9xO7C3ZOq79UNXpZxG4ckho6UDrz"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56deda65b74-FRA

GET
H2 200 bootstrap.min.css
cdn.newsha.com/media/porto/web/bootstrap/css/ 144 KB
22 KB 43ms
42ms Stylesheet
text/css 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newsha.com/media/porto/web/bootstrap/css/bootstrap.min.css
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a475323ff0a8d2162aeeb9feb56a0b0793eb6f038dc663ecaced6c4819fff713

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Oct 2020 09:34:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2338401
etag: W/"5f993b20-240d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FxtR%2Bmajrq5dcT1eb%2BaML8szVfdxhTL7eqrg%2FKUQSrZbo8s0mP7Zo7NyXEwZN6zaYSwas5e%2Fm7nu4vroLy2Mv%2FDedT8fTuViiHYB4HnGPN4akIwZPGPz0bN41HdIO39kHIL2qc%2F1BV6FV09"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7785b56ddd785b74-FRA

GET
H2 200 animate.optimized.css
cdn.newsha.com/media/porto/web/css/ 11 KB
2 KB 47ms
46ms Stylesheet
text/css 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.newsha.com/media/porto/web/css/animate.optimized.css
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8905844677c345315adf0d008de3658dd541ab864c2f1950e68e651e85be09ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2338401
cf-polished: origSize=12945
pragma: public
cf-bgj: minify
last-modified: Wed, 28 Oct 2020 09:34:24 GMT
server: cloudflare
etag: W/"5f993b20-3291"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwDHDchqpJ6r7piNNdvJJ4qyaOVjRAr13Fa1M6bwezBUnkkxIV1rkyxpRXm25A4ko2N0JLCiMbEQHywb%2BZfd4IVV%2BSInYhbPAYXBuM9S4FIxTGZE8sRVhK%2Bv386jNt4ZUq58ZOtkW87dbc7d"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7785b56ddd805b74-FRA

GET
H2 200 js Show response
maps.google.com/maps/api/ 178 KB
58 KB 171ms
74ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/api/js?key=AIzaSyCPte46aAdQUBEvVZyfLc3A9efH0OWi5Y4&libraries=places,geometry

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

822b420a26f975b43cce1d96f82e0087c087935c6b6069447d8318a2d81921f8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=30
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59333
x-xss-protection: 0
expires: Mon, 12 Dec 2022 10:47:10 GMT

GET
H2 200 26056322.js Show response
js-eu1.hs-scripts.com/ 1 KB
867 B 132ms
52ms Script
application/javascript 172.65.208.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-scripts.com/26056322.js
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff3d599f7e0b8644f34ce5e892504690e9122882cfb68ec7b2c63768023e0d61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 12 Dec 2022 10:16:36 GMT
server: cloudflare
x-hubspot-correlation-id: 761aca4b-75f4-4666-a40a-ba9e78ce24de
x-trace: 2B269E67C503D0EA2D8C7708683D4B5D14D84A0061000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.newsha.de
cache-control: public, max-age=30
access-control-allow-credentials: true
cf-ray: 7785b56f180b9bfb-FRA

GET
H2 200 v2 Show response
integrations.etrusted.com/applications/widget.js/ 4 KB
2 KB 33ms
7ms Script
application/javascript 13.32.99.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://integrations.etrusted.com/applications/widget.js/v2

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-30.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0f285340fde233e4bf0042716b33a9aae7ef38bf6768663286012870f5a648cb

Security Headers

Name	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id: Z1QWIHe2Rs3NXetTOSFsaq__o7P6jLG6
strict-transport-security: max-age= 63072000; includeSubdomains; preload
content-encoding: gzip
date: Mon, 12 Dec 2022 10:15:18 GMT
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 13 Jul 2022 08:43:58 GMT
server: AmazonS3
etag: W/"d7237287c6c61682525e80a1904e6609"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: wEc3k0QA_VOuddrN7AcNs79CTGLyEyoRPxMCQQPvFk31cIiOtn05Kw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 209 KB
73 KB 176ms
82ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T6TGVWJ

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3602ffdeb1b2ef2ac37087e2d0258e91f469d27f78d02bf8a19d6a022c3ec8f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74142
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Dec 2022 10:17:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 139ms
45ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-173925650-3

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

532c2fb90c6cad47230e580dc09372ebde5ad025e7a89a692a14c016292f02b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43577
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Dec 2022 10:17:10 GMT

GET
H2 200 logo_newsha.svg
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/ 2 KB
1 KB 39ms
35ms Image
image/svg+xml 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/logo_newsha.svg

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb685b622cac9ab8432d724b6000c245e3ca6befeb11bea978d7c50f225c0a1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6082
etag: W/"63734e95-77a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGONmbpl%2BEGbC21UbeJkVO3emP%2Bpu8IGiHHK6y%2Fm9XJAnQfdU0GMfYu%2FW%2BiQAj1sMiTfkXzJZnC08vCQxOQvhEK7qAbO7HKd2mNHOKdAB6kywhx5XFqHGIqN3lb7YZU%2Fgj%2BoWZSfdsDkCH51"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56f88315b74-FRA

GET
H2 200 Logo_GSW-KeyVisual_pink.png
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/salonfinder/ 4 KB
5 KB 42ms
38ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/salonfinder/Logo_GSW-KeyVisual_pink.png

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f76967df0dc01a5d88d37d63d8f85719fe3a363ca478284a4eb98e1e99a330fc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3018
cf-polished: origFmt=png, origSize=8556
content-disposition: inline; filename="Logo_GSW-KeyVisual_pink.webp"
content-length: 4454
cf-bgj: imgq:85,h2pri
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
server: cloudflare
etag: "63734e95-216c"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLJjr%2F842NQdbF9WZo%2FbFc6Y2kNUATrMqCQIKrHUD2E0roBkt1qLNYn6mXC1qcQN91y7zbgZ%2B94QmDEMoLd1eIk02FJYuCMw6TFsgv%2FdWhBIx4vSIcDefjnmwuv0jYBHVYegwuQDxq6ekj0M"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
accept-ranges: bytes
cf-ray: 7785b56f88345b74-FRA

GET
H2 200 newsha-treatment-couverts-flawless-repair-excellent-volume.jpg
cdn.newsha.com/media/catalog/product/cache/4ce1220ccafe904195c99ec779d2af28/n/e/ 6 KB
6 KB 84ms
81ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/catalog/product/cache/4ce1220ccafe904195c99ec779d2af28/n/e/newsha-treatment-couverts-flawless-repair-excellent-volume.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 451eb9ba5cc40692204df78795279b2891e2d2f5cf4ebbb85a59f9046f94f9df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 401544
cf-polished: qual=85, origFmt=jpeg, origSize=8964
content-disposition: inline; filename="newsha-treatment-couverts-flawless-repair-excellent-volume.webp"
content-length: 5742
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Mar 2022 06:43:46 GMT
server: cloudflare
etag: "62415922-2304"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhO9H0bH2%2FNM0NtmqBklFFjTjDqGn0NDglKKCetGc93tbM8nwmJ%2FW0ETgLE5cKPrgu95Pm%2F%2FflY0akTrRQrLR7TPP0b6ktuewvU%2FPY72MIdtzDRJaWsHFpCAvgXrc32hf8vfgZjtz%2Fil75DX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b56f883f5b74-FRA

GET
H2 200 lebendige-locken-mit-newsha-set.jpeg
cdn.newsha.com/media/catalog/product/cache/4ce1220ccafe904195c99ec779d2af28/l/e/ 9 KB
9 KB 25ms
22ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/catalog/product/cache/4ce1220ccafe904195c99ec779d2af28/l/e/lebendige-locken-mit-newsha-set.jpeg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ca1b292aff5e945e72c359d2d9ca7f199b1c9b567216c72736a9f79c4c8d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 409688
cf-polished: qual=85, origFmt=jpeg, origSize=12864
content-disposition: inline; filename="lebendige-locken-mit-newsha-set.webp"
content-length: 9230
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Mar 2022 06:43:46 GMT
server: cloudflare
etag: "62415922-3240"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVP5psmOOv%2BnSo6vhrXdtCIkJeSD%2FErc%2FMCAIFhuWBj2Efmb7INfeuOz9zmMqwSGIlXpUdtXwHBeV0EhrUjc0NyhB%2FDmUFw0d0%2BJZFA%2FuUrl8Q2cxC5AC64BHC99a%2Bpy8giG7zvqRz%2B8W6M5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b56f88425b74-FRA

GET
H2 200 newsha-cool-blonde-type2-set-2.jpg
cdn.newsha.com/media/catalog/product/cache/4ce1220ccafe904195c99ec779d2af28/n/e/ 6 KB
6 KB 43ms
40ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/catalog/product/cache/4ce1220ccafe904195c99ec779d2af28/n/e/newsha-cool-blonde-type2-set-2.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 159ed24e547daeb356b9f7f1dbfbce768f1f61f3585579c100f1e483768344ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 399576
cf-polished: qual=85, origFmt=jpeg, origSize=9100
content-disposition: inline; filename="newsha-cool-blonde-type2-set-2.webp"
content-length: 5908
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Mar 2022 06:43:46 GMT
server: cloudflare
etag: "62415922-238c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vK8Jrl%2BmZ%2BE5BRIz9Us7EWTQxYaBCKlDU1bl04dRuq4VNvNOqZ8XAhuoUuloTho0Lilzwqru71P2roIX8koCKgik5xgVte%2BlJW5XCWBHa5J7nEBqwwQBNCM6EqLbvuHFTP9vlwLXEKbMeETi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b56f88435b74-FRA

GET
H2 200 newsha-holiday-set-2.jpg
cdn.newsha.com/media/catalog/product/cache/4ce1220ccafe904195c99ec779d2af28/n/e/ 8 KB
8 KB 23ms
20ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/catalog/product/cache/4ce1220ccafe904195c99ec779d2af28/n/e/newsha-holiday-set-2.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f28fd0428304294878ed94bfd2972fd08a42d8ccbb3a1164168bc75ae625e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489339
cf-polished: qual=85, origFmt=jpeg, origSize=11439
content-disposition: inline; filename="newsha-holiday-set-2.webp"
content-length: 7800
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Mar 2022 06:43:46 GMT
server: cloudflare
etag: "62415922-2caf"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDYaikzzvDziat%2Fp4uIz3g7Bm8Vxz2uvA9vGDbefuIDwgpMz3db6p59G%2F%2FGk%2BmXn4Gby6qDAE%2BX7nRsb3Dyv0HasB%2F%2Fj%2FtMQUz%2BuAQm3L5Uxaa%2BikGIXRJktMVKDYPUeuR738b0it5ouZ4RR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b56f88455b74-FRA

GET
H2 200 Beratung.svg
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/ 7 KB
3 KB 50ms
48ms Image
image/svg+xml 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/Beratung.svg

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbea0bc0111616b2230d738a9a85ce574094da504c02e5c33dfb594354a1a166

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3018
etag: W/"63734e95-1a9c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKzTuueWxces2%2F4b3pdGwjnQgDm30HoMhdWhO9ob5LQFpcgpJ%2B4Q61uTMaY4ewnFDXtTMqct0O5lJEG4nIUglrqTq4yMZ2XWPUG6L5ZZCyMVSyoaefkoClOKTgi9IJsptia9YzB8I1LBi3gg"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56f88485b74-FRA

GET
H2 200 Telefon.svg
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/ 7 KB
3 KB 56ms
54ms Image
image/svg+xml 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/Telefon.svg

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f9c62e9335910a92d07ad3979e06ed8918a82e2e2a4e5f5eddf26b41cd9bef2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3017
etag: W/"63734e95-1a90"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWytVdujWoI1BGZnbmDelbdSPz%2BaKue%2F1NbkbI8rJVYS1MHp52XyPdoXa78uTilcXjOGc9Rdnyp%2FAAUyVKEYNA%2BPEqBh5yuf3%2BCjEXwNe%2B%2B6ITIbhPCkUtCCMfMflZyAJLviTZY%2FmiYT0T3b"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56f884a5b74-FRA

GET
H2 200 Whatsapp.svg
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/ 7 KB
3 KB 42ms
40ms Image
image/svg+xml 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/Whatsapp.svg

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52865a7c4014cfdbdd10302587e9123d72de1d1189d6312370ea5530ab46638f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3017
etag: W/"63734e95-1a4a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTixPpiqeB6%2FH%2B43C75Bkj9xR%2Bw7zYZIwb51Sy4HZRs5OISdhieRvD7jdcO9v%2FP9ctE9wjyEo2G26hfmmvJl7uhrBuL%2FQUytZujSxApdPIKp6FOsheGBGQNYnrvTRdrFaNaCm6dhjgpyyieK"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56f884c5b74-FRA

GET
H2 200 Mail.svg
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/ 7 KB
3 KB 76ms
74ms Image
image/svg+xml 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/Mail.svg

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15845a89393dfe06834c8e0e967cf52de47b16be81d84321fb19925237761d57

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3017
etag: W/"63734e95-1a9c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bk3R%2B6UixTUOA8M11veeERgcONKbgPPocikzjkvQBbpmVIhpUm0KseHwJ0N%2FMvI024U69pStE%2FPoellvYIC4oLR1rgp3fO9SxKG4PDiqsaHgixl02IrD3ONrQjhcJHxlwrqiSrroUgRwuj4V"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56f88505b74-FRA

GET
H2 200 Bestellung.svg
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/ 7 KB
3 KB 58ms
56ms Image
image/svg+xml 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/Bestellung.svg

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fddb176df9169a586f6c04801be8ce1299d4c4613e9c03a589ef1517a77a02d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3017
etag: W/"63734e95-1a90"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqzE8djltVlndkFC7d%2FLvo1h90M6SFPjzy3bE7DnJInWeqhjq2uNcgyMyP8%2FFW5zNvXPgJ7AIJixhyP7oCe3pxvahcZi6fALWqTv1n1K9iY7WN64udBaGWNAvyIDGb0dhVaI%2FFNypTorSdSp"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56f98545b74-FRA

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
449 B 140ms
50ms XHR
application/json 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCPte46aAdQUBEvVZyfLc3A9efH0OWi5Y4&libraries=places,geometry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.newsha.de
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H2 200 responsive.js Show response
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/Magento_Theme/js/ 2 KB
878 B 60ms
58ms Script
application/javascript 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/Magento_Theme/js/responsive.js

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/requirejs/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae11c52527407c5c4195981522ca6a949f03433986684b82c3b85721ba14d6c8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3106
cf-polished: origSize=2610
cf-bgj: minify
last-modified: Tue, 15 Nov 2022 08:32:23 GMT
server: cloudflare
etag: W/"63734e97-a32"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqsEe53Ngs6FtDSri1jhbAcyvoOkUu9DzDr9b4RqDEIkOjQ7d7uAYhkFP4jUYCOc3YkQ47SWB5%2F4wdC6kNvR5f8W9lIzNA%2B9y17QdiUG5P%2F3zQ0RjmEKIhLMAR64OKyS2TCejw6IOxeM3FsY"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56f98575b74-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 59ms
17ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

737be8d2a2db4d729155190f62d3b1f656cdaec35b42b59eeeda3043246a50cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 10:17:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27317
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: uiBHjTFKedbKuMg2sQVrbxbO2a0OiGTfbSqxHYInQSW3IUc77/HKyOAsoWRIGdBvxNI9rK+xWrDgGT8rapdDmA==
x-fb-trip-id: 2050070850
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ibm-plex-sans-v8-latin-600.woff2
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/fonts/ 18 KB
19 KB 134ms
113ms Font
font/woff2 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/fonts/ibm-plex-sans-v8-latin-600.woff2

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0792d5285778bb59de16512d07ace9d728a161c5006148717d9eea6223ebf84b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/custom.min.css
Origin: https://www.newsha.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5078
content-length: 18912
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
server: cloudflare
etag: "63734e95-49e0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLOr24kw49ZUJUaHmJxy5wmL9YUOkZRlnMVO6Z5UuCdB%2Fo9tlSEOr4wiwCct%2FHb%2FU%2B16DyOAEupQdgj8orqEDTGzJGvizVJJ0oJK2c5mHWOepAQXPM9s%2FePaBkJsn%2B4KUaMQxj297Tm8Krb%2B"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1200
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7785b56faa3468f5-FRA

GET
H2 200 fa-solid-900.woff2
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/Magezon_Core/webfonts/ 73 KB
73 KB 120ms
98ms Font
font/woff2 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/Magezon_Core/webfonts/fa-solid-900.woff2

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/_cache/merged/0a177d5c1c1284535d3a6c3ddc28be71.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cdn.newsha.com/static/_cache/merged/0a177d5c1c1284535d3a6c3ddc28be71.min.css
Origin: https://www.newsha.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5078
content-length: 74348
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
server: cloudflare
etag: "63734e95-1226c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrRuf0WGxJKuXzKpvgLhziLMDNY7Et%2FDVtT6bvULSmMK0yVU7jx5sJ7E0defb243OR80I3Gchg3RzVwq72KKbANz6Zqp5ItI4qRjqcw2CPWqoaJhA4MaSWIy5q8ORMg9TsYPVjyOc6gHfhR%2F"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1200
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7785b56faa3768f5-FRA

GET
H2 200 porto-icons.woff2
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/icon-fonts/font/ 24 KB
25 KB 294ms
272ms Font
font/woff2 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/icon-fonts/font/porto-icons.woff2

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/_cache/merged/0a177d5c1c1284535d3a6c3ddc28be71.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

993ecc77d2083270d8cf67a141865723e0933baf9ef4982d1835ea6a4dcd4483

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cdn.newsha.com/static/_cache/merged/0a177d5c1c1284535d3a6c3ddc28be71.min.css
Origin: https://www.newsha.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5078
content-length: 24944
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
server: cloudflare
etag: "63734e95-6170"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5YfxG4dJ8ZOnt78cUTHvaQ%2Fgx%2B065YQpRmSY9MZZ9Sb07ko96Z8AAgiScV9V5gkcGKeByxM9w4EYrdpPIxMJZ5fW4SqQsLysJ9aQ04k8YmH5wbFWal09zcSGKlDHI%2F1I3ONO79XHMnCMkFJ"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1200
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7785b56faa3d68f5-FRA

GET
H2 200 ibm-plex-sans-v8-latin-regular.woff2
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/fonts/ 17 KB
18 KB 123ms
105ms Font
font/woff2 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/fonts/ibm-plex-sans-v8-latin-regular.woff2

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac23279590f18f4577084e3b030600ff80e7d4eaea2a52a9237579f3842f985

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/custom.min.css
Origin: https://www.newsha.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5078
content-length: 17784
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
server: cloudflare
etag: "63734e95-4578"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCxsUwSgqsIe2NGc2CodtINEPxYf0RXDw7bkIywpsT0TY6vlK%2BHQsrHzUF3qL%2BKjWovqpy6eafyPf7cj347qHbiSjNqeJmtvAjbcbwjutTwNlNY%2BYgs5ZzWZZjVc9GlZRAnAVJUjlFfpcA3b"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1200
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7785b56faa3968f5-FRA

GET
H2 200 26056322.js Show response
js-eu1.hs-banner.com/ 61 KB
16 KB 95ms
28ms Script
text/javascript 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/26056322.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26056322.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29f0b4f949f54868ce281016737765858756fd20b06a9e719a3fccda3906a65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
x-amz-version-id: tqP33Ry6sY511zE3PJeMpeHt7LLBGdP4
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 246QCB8GZ50K9FWH
age: 120
x-amz-server-side-encryption: AES256
x-amz-id-2: 89ya9mhoX/iFB+0y9bOYimRh8E7nPe2zJ5sZ/hgrtVlKatKeNZiX7STkIU/v1wwmdhfOpFZ3kIs=
last-modified: Mon, 05 Dec 2022 09:32:00 GMT
server: cloudflare
etag: W/"67c278eb0ec19cc09b605c83a3b1ff20"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.newsha.de
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7785b56fff0e9024-FRA
expires: Mon, 12 Dec 2022 10:20:10 GMT

GET
H2 200 26056322.js Show response
js-eu1.hs-analytics.net/analytics/1670840100000/ 64 KB
20 KB 97ms
38ms Script
text/javascript 172.65.238.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-analytics.net/analytics/1670840100000/26056322.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26056322.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b510c7339c05d338bd31630bab1d9e72044e6d9640a91cce9acd86ce7629b466

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: JSJG0TRAXDZ1R2WW
age: 111
x-amz-server-side-encryption: AES256
x-amz-id-2: ZPCZ0eM9MkzgCLsT/kh2CtTVRcQrtA8gHDzhcH9Staq+AMLWiEaic6I3S/oIrjjYBHbNPJclqWo=
last-modified: Thu, 01 Dec 2022 14:26:04 GMT
server: cloudflare
etag: W/"7cfe922ee441f5a0aba2e6ff8bac9bbb"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 7785b56fe9d6922c-FRA
expires: Mon, 12 Dec 2022 10:20:19 GMT

GET
H2 200 collectedforms.js Show response
js-eu1.hscollectedforms.net/ 68 KB
25 KB 91ms
29ms Script
application/javascript 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26056322.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3999cf864b43937c278afeae5b60b6db69bb234d5641202c9e7a2385029aa3b7

Request headers

Referer: https://www.newsha.de/
Origin: https://www.newsha.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
x-amz-version-id: SN4HXBautbT5xHa4DdPckLpyluwLE8QR
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 575
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.312/bundles/project.js&cfRay=7785a7692fcc917c-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 02:49:13 UTC
server: cloudflare
etag: W/"349cabd549e2249f8fb6ac3ac6f08e00"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7785b56ff8c790be-FRA
x-amz-cf-id: C4xz_hpO5fSMSv8_wXqcSHWNbLS3HpuMAvWEckVSYCCUgl1ePb7jHQ==
x-hs-target-asset: collected-forms-embed-js/static-1.312/bundles/project.js

GET
DATA 200
OK truncated Show response
/ Frame 81AE 37 B
37 B Document
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated Show response
/ Frame EF1E 37 B
37 B Document
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 X0592FFD55BF6F6DF23B08388D9D5DB06.js Show response
widgets.trustedshops.com/js/ 15 KB
6 KB 137ms
91ms Script
text/javascript 108.156.60.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.trustedshops.com/js/X0592FFD55BF6F6DF23B08388D9D5DB06.js
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-5.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20444cc6bd612c6afa751c3d9dc7d195210646551a61c5d23272552c625bc6c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
content-encoding: gzip
via: 1.1 76a2ca53c94ecdb2669e24612a611a48.cloudfront.net (CloudFront)
last-modified: Mon, 12 Dec 2022 05:05:05 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
etag: W/"7465a7655fc8a7233335e69cf019695b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: public, max-age=3600
x-amz-cf-id: TTuXghMgPtkIyeUdWATTy2biFWADR6Lo6DqVKqR6_iblhVPjSqAWag==

GET
H2 200 smal_cart.svg
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/ 682 B
739 B 18ms
18ms Image
image/svg+xml 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/smal_cart.svg

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c69d0d7a755b7746450df78448fd4265d5057cf77dcf8e2df838e4602bbcccb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/custom.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3690
etag: W/"63734e95-2aa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iEVekVGHF4kHULm2WZ2ZHfP3tC%2BMsyYxVI7VEIAjsNRzGjwM5%2FvkJt3lOCE2oGLdouMIdwQVd6ZiNWyXtqwU3OscMmsRgIrOeSG3qDfiHKAoT9EP9puePraHFY3%2FTEGfPE58q%2FXqMGnug3Q"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56fa87c5b74-FRA

GET
H2 200 social-facebook.svg
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/ 1 KB
950 B 16ms
15ms Image
image/svg+xml 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/social-facebook.svg

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3466e0e315494e28de5f3dd08b0b2eeddc0a27ab5b82632ab5eb12484c9a91b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/custom.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3690
etag: W/"63734e95-4c0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbXlpTskaTCv8xdaRzVXs97k4kJ5OqqSxzr%2Bbzl2fOlcBn3dvYUydfZo%2B62kKFMhTQ3UhWqvi2kRNHYW%2FnVVkS%2BJznRe%2FSu3aF5vfogM%2BDECeQA6SwyayCvTzy0UOsAUYgwO%2FT6UPffUW4sk"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56fc8a25b74-FRA

GET
H2 200 social-instagram.svg
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/ 2 KB
1 KB 68ms
68ms Image
image/svg+xml 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/social-instagram.svg

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eff6499bb174512e9fb9c0633a3c9564fb985cf007ad1a2799ec5d798615c573

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/custom.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3106
etag: W/"63734e95-6c6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6dvZrFbriiXHGD0P5zReq8wKqr1fskO3GempynOVfpyajnkvwwGLWwxI8h5UJvVibVWNkWkslcw%2BB21lilcMXoXYQH0bHv%2F3s1zoC6KB%2BzkwePnfdCzsSKCGQ9upj2TmY3BQGAhnjHop5if"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56fc8a45b74-FRA

GET
H2 200 social-youtube.svg
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/ 1 KB
1 KB 45ms
44ms Image
image/svg+xml 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/social-youtube.svg

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

134753bacc72bbb158e8b6b4de90a6c4a5d4003825dccf8ce0bced74916ddae0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/custom.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3106
etag: W/"63734e95-5e6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XbCnfMruRcv3PvpI%2BukF8D8gF9QgfRZ5Ou87DIq8g%2FgHnkoeX0w4%2F5opxyO1mn0oSDeF1kOq92DiB1aGqKisYKbMGrwjjE%2F60mMl3MrvzbqU06b8nC%2B3Yqk8SZmerv%2BAXXnGMz8v6iekmln"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b56fc8a75b74-FRA

GET
H2 200 cruelty-free-sw.png
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/ 2 KB
2 KB 22ms
22ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/cruelty-free-sw.png

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d914558b5eac818eaa8d95b6ac3676b59a8572781e7d522f86a7b490269598ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/custom.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3106
cf-polished: origFmt=png, origSize=4324
content-disposition: inline; filename="cruelty-free-sw.webp"
content-length: 1594
cf-bgj: imgq:85,h2pri
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
server: cloudflare
etag: "63734e95-10e4"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwc%2Fm1F3fvD4YUCS%2BWgBokqgagwa7kLYgP0F5%2FXDNZmMLjyW9udq49Xx58M%2Fb9lK%2FJUfKj7L808ljh7uogQE4jEKs2WOv0xA6y4x0vt3%2FSKODmfieEL23EzXewzsPlFqYTiP5ktvcZVpsxWC"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
accept-ranges: bytes
cf-ray: 7785b56fc8aa5b74-FRA

GET
H2 200 opensans-400.woff2
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/fonts/opensans/regular/ 17 KB
18 KB 135ms
134ms Font
font/woff2 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/fonts/opensans/regular/opensans-400.woff2

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/_cache/merged/0a177d5c1c1284535d3a6c3ddc28be71.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b367d278abdbff97dcca334e31b1714fae2f7922f2347c5e76a6fd2c67f15079

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cdn.newsha.com/static/_cache/merged/0a177d5c1c1284535d3a6c3ddc28be71.min.css
Origin: https://www.newsha.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5078
content-length: 17848
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
server: cloudflare
etag: "63734e95-45b8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVPzE%2FYLXof5hFl2zTJP6t6lEJZ7IuIuxl1KQvLfFVPMezzqhPHxti6am59i9k4QQDmMj%2B0BVc1Oe1jJLKxHthJie7rXsaRCSQScBAQVjiZUXOg4wn%2F2l%2Bu4fLfpUJJlfJVTTtT7H%2BfVs9SC"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1200
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7785b56fcaa468f5-FRA

GET
H2 200 ibm-plex-sans-v8-latin-300.woff2
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/fonts/ 19 KB
19 KB 113ms
112ms Font
font/woff2 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/fonts/ibm-plex-sans-v8-latin-300.woff2

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/custom.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80e7ed4fe6e9016456057ea5ecd4898d3a461e595a8244a7538e1a814889d471

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/css/custom.min.css
Origin: https://www.newsha.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5078
content-length: 19124
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
server: cloudflare
etag: "63734e95-4ab4"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjlJLcDYhO6rdc0OMyzenwDr9xZV6nQwmXtUZjkUVll1rDupphSzJKeMKjFweEs0k9EQkU%2Bs33WtAEpvUMPssPZsfESyZBBtyOfCj9yOXvQRsm0Lcc2y%2B0BJDs6hSe41vPfFNRpXsQ9iZDOY"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1200
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7785b56fcaae68f5-FRA

GET
H2 200 fa-regular-400.woff2
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/Magezon_Core/webfonts/ 13 KB
14 KB 56ms
56ms Font
font/woff2 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/Magezon_Core/webfonts/fa-regular-400.woff2

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/_cache/merged/0a177d5c1c1284535d3a6c3ddc28be71.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

940b3908bf9fc263ff7a9640fd719a1a3ecca9e1224e9ce4758053fa01edbcc0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cdn.newsha.com/static/_cache/merged/0a177d5c1c1284535d3a6c3ddc28be71.min.css
Origin: https://www.newsha.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5078
content-length: 13592
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
server: cloudflare
etag: "63734e95-3518"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5dVmvM2%2BPyoFXSV%2FtKD3mlBoMobpCME5fhdtVkF9PRl%2FBLRfjfSSUs8HwFKWuyIvcYT8YwUJs%2BCmbHzXRUzuZ46OuapeHYAQdt%2F7lecT6HW2%2FB%2BeKwK1Y2u%2BAykTSmwWhBVHMUVZiUbawnS"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1200
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7785b56fdabd68f5-FRA

POST
H/1.1 200
OK checklogin.php Show response
www.newsha.de/bluro/ 4 B
548 B 168ms
168ms XHR
text/html 37.157.250.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsha.de/bluro/checklogin.php
Requested by: Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/bundles/shared.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.250.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx / Newsha1
Resource Hash: bc1888f06cbfdb3ae8b06e3d1d8f2cfa88e801212a375d40eff3dc0208c9e3df

Request headers

Accept: */*
Referer: https://www.newsha.de/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-ua-compatible: IE=edge
pragma: no-cache
date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: gzip
server: nginx
x-powered-by: Newsha1
vary: Accept-Encoding
x-cache: MISSv6
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 35
expires: -1

GET
H2 200 embed.js Show response
static.widget.trengo.eu/ 23 KB
10 KB 107ms
47ms Script
text/javascript 2606:4700:20::681a:3a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.widget.trengo.eu/embed.js

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3a2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6809165acbeac09630fe72d97f42a22922fd8bb878cffa3c4ae75e53ae7894ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 583138
content-length: 9210
last-modified: Wed, 16 Nov 2022 10:03:24 GMT
server: cloudflare
etag: W/"6374b56c-5c27"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qgndo6JkN36tqZbJ2P3xQqARArK9QpGDNEwkjE2k%2BzVVzGuAfuDzcEVQFU44E%2BKHoQtlQA7jaRdPlYwEabeIEfP39E2LXPzKiB5xVafEfYyCKG3VXmKP3HcBbksPZ821x9YiAWar4YLxUJd74eDcUEwm0s7h"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b57099459bee-FRA
expires: Thu, 08 Dec 2022 16:27:29 GMT

GET
H2 200 calendar.png
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/Magento_Theme/ 334 B
694 B 51ms
51ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/Magento_Theme/calendar.png

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58087d7c89a5ee77ca06521fd8a3a0bee4b1bd7b85505d93c91fd84faa0243f1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3017
cf-polished: origFmt=png, origSize=433
content-disposition: inline; filename="calendar.webp"
content-length: 334
cf-bgj: imgq:85,h2pri
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
server: cloudflare
etag: "63734e95-1b1"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3%2BKAb7J108Grxq8xOSoUCn8qLI2%2BT%2Bve06Gb4O%2FzI3CEL2JF4ySNWdC3cIWnoMfVdA30D7AlaPljUORDDga7w8I9IrxsHz%2Fxg%2F8WOWHGyxI1dORkkFW9z72YUHm7hl6lM7wEf83hKvCjH66"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
accept-ranges: bytes
cf-ray: 7785b57059725b74-FRA

GET
H2 200 fontawesome-webfont.woff2
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/Mageplaza_Core/css/fonts/ 70 KB
71 KB 33ms
33ms Font
font/woff2 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/Mageplaza_Core/css/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/_cache/merged/0a177d5c1c1284535d3a6c3ddc28be71.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cdn.newsha.com/static/_cache/merged/0a177d5c1c1284535d3a6c3ddc28be71.min.css
Origin: https://www.newsha.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5078
content-length: 71896
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
server: cloudflare
etag: "63734e95-118d8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ty4RzpcHzqvndvlFMoJuW5e5YglnylHv22SRRDkrtOLDUNR9KJLPgyT5yoXvowNKp2I5DmmRdKe%2BTGv85ifLYs9Xw3Q6qHuK9hhBo3RU5O7e1wDlrdk0zADpQUVXr1Oox6T0EsTNxIJ17yAW"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1200
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7785b570ac6368f5-FRA

GET
H2 200 select-bg.svg
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/ 405 B
558 B 22ms
22ms Image
image/svg+xml 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/select-bg.svg

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/_cache/merged/0a177d5c1c1284535d3a6c3ddc28be71.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

801bbecfe24ea20eb49f8d9bbada36d10d17b1389f13ff46152c6119612cfb8f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.newsha.com/static/_cache/merged/0a177d5c1c1284535d3a6c3ddc28be71.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 950
etag: W/"63734e95-195"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxpa0Xnb5VGrw%2Fhjc%2BvcaSYYuRDZ%2BWfZTFldAyaWF3zI%2FfmwO2JAr%2BdJXmDBL5SREznhKjT1C1zauUI9ktrNsgvrBYQ732qScT7MYbz%2BPClydPGxigUfQxn9vbk5CgND7SUtG7mO2it9Gae7"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b570ba015b74-FRA

GET
H2 200 iframe Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/ Frame 81AE 2 KB
826 B 140ms
103ms Document
text/html 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
Requested by: Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/bundles/shared.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eb55330adb7d2fec653c5b5b712c5e68cff9cc40f20ec82719c9be1f639be10

Request headers

Referer: https://www.newsha.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-header: cf-ray
cf-ray: 7785b5712ec9bbdd-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 12 Dec 2022 10:17:10 GMT
server: cloudflare
stream-dw-version: 2022.12.6
vary: origin, referer, Accept-Encoding

GET
H2 200 iframe Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/ Frame EF1E 2 KB
693 B 150ms
114ms Document
text/html 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
Requested by: Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/bundles/shared.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 496321a74ab8dba0a54414e1e1906abbbf4a630b81c474a85ce7839ecb8eba69

Request headers

Referer: https://www.newsha.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-header: cf-ray
cf-ray: 7785b5712ecdbbdd-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 12 Dec 2022 10:17:10 GMT
server: cloudflare
stream-dw-version: 2022.12.6
vary: origin, referer, Accept-Encoding

GET
H2 200 Carmushka_Startseite_Header_Mobil_Shop_now2.jpeg
cdn.newsha.com/media/newsha_content/01_Home/ 105 KB
106 KB 33ms
32ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/Carmushka_Startseite_Header_Mobil_Shop_now2.jpeg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2da07779d6fe8a42677d9fb46006905ec8e7a64dfac45f718c0277af900577a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 809056
cf-polished: qual=85, origFmt=jpeg, origSize=266833
content-disposition: inline; filename="Carmushka_Startseite_Header_Mobil_Shop_now2.webp"
content-length: 107710
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 02 Sep 2022 14:36:00 GMT
server: cloudflare
etag: "631214d0-41251"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHwtLd9CRsSZmOFqqYVK9gM%2FQb7nfbyGit8HRgfSj%2FVWpC24Blktn9V0dkv979WKY3MB0Lrp%2BPUA%2Few3LmLX5bQqlltQbwvhEH%2FYWsin6HtJzvlLqNedY%2F8nj1We%2BMC3iAMc419TjGUK0Nzs"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b570fa6a5b74-FRA

GET
H2 200 Header_Adventskalender_mobil.jpg
cdn.newsha.com/media/newsha_content/02_Kategorien/XMAS_2021/ 122 KB
122 KB 24ms
23ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/02_Kategorien/XMAS_2021/Header_Adventskalender_mobil.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 998cdd8c7423ed0f9e93d1d5be953963a61fd213b20bf7337d71ba66ced520af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 409646
cf-polished: qual=85, origFmt=jpeg, origSize=228198
content-disposition: inline; filename="Header_Adventskalender_mobil.webp"
content-length: 124656
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Nov 2022 16:06:23 GMT
server: cloudflare
etag: "63862dff-37b66"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZrcHUzmdaIhBrHUJEFbWvGyLTTgt2OJqIw0E7ICIs48a5sCzArgT3yLJ39ZhgKOJCpCxfuJAxsu0Mjd5YQR407i0MTbteRiZhTz8PYhyQi2JERKYzicfhUkr%2FQE7cUaKI4yyKYwBo8vqA2sB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b570fa715b74-FRA

GET
H2 200 Carmushka_Startseite_Header4.jpeg
cdn.newsha.com/media/newsha_content/01_Home/ 48 KB
49 KB 50ms
49ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/Carmushka_Startseite_Header4.jpeg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54a7191aad4c7e3e52b3cf57bd10d1515be4fed820a04f6728aa695a479eb9d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 403285
cf-polished: qual=85, origFmt=jpeg, origSize=109936
content-disposition: inline; filename="Carmushka_Startseite_Header4.webp"
content-length: 49340
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 02 Sep 2022 13:18:49 GMT
server: cloudflare
etag: "631202b9-1ad70"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddQDmmg89sFVpQ6aDfH3tH3KXulbxUbFCdtyyiVvX5JyHoONe6Ft%2FSQ8F0p2C9RlZrPWYo7M9e1NsBbsKzx%2FoeC4PQfE5QS9TUrVoSti0sTpETA8Lo05wu8%2BP45yMRRW4YVRRXCvNKGjDv38"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b570fa7a5b74-FRA

GET
H2 200 Header_Adventskalender_Desktop.jpg
cdn.newsha.com/media/newsha_content/02_Kategorien/XMAS_2021/ 81 KB
81 KB 43ms
42ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/02_Kategorien/XMAS_2021/Header_Adventskalender_Desktop.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: babbaabcaee0957afc00106279fb412d5f90e4a508b9ebf6b8c8b040f39f0278

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 402782
cf-polished: qual=85, origFmt=jpeg, origSize=164139
content-disposition: inline; filename="Header_Adventskalender_Desktop.webp"
content-length: 82642
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Nov 2022 16:06:18 GMT
server: cloudflare
etag: "63862dfa-2812b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXURlRikVCedT7i2SsKca8i8TeunEA3dvoWQKndmtT4XwAlqkvIzQHWPNiDqaF5v6W1UENe4ETtQQ5ReIkNB1kSyH%2FWMSfRdlj%2B4bdoSs%2F2ubH%2B2mi0euMn1ezicQLptoTP3GK947N8jDL%2Bx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b570fa7b5b74-FRA

GET
H2 200 NEWSHA-Routine-Finder-MOB.jpg
cdn.newsha.com/media/newsha_content/01_Home/ 60 KB
60 KB 146ms
145ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/NEWSHA-Routine-Finder-MOB.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04eaa3862b8be663442d4db2ed6d890678917bdc6865bf6add6dacc097bb51c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 918898
cf-polished: qual=85, origFmt=jpeg, origSize=417673
content-disposition: inline; filename="NEWSHA-Routine-Finder-MOB.webp"
content-length: 61094
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 01 Jul 2022 07:36:00 GMT
server: cloudflare
etag: "62bea3e0-65f89"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtOt0U7woXTTj0uCxpP2elcZHvkW0CS5bvup0EbkAQpyQU1C4FaMwJww44oR%2BvDN8J0fuvIZVS%2B6EEjPqzLy7erclmv81%2BfdmVC%2BRYWxQMoULfLfF4TOh78NWnzJV%2BzP2fS0cIXv%2Fugcb0aF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b570fa815b74-FRA

GET
H2 200 NEWSHA-Haarpflege-Routinen-Sets-MOB.jpg
cdn.newsha.com/media/newsha_content/01_Home/ 116 KB
117 KB 52ms
52ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/NEWSHA-Haarpflege-Routinen-Sets-MOB.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe9ac741d43461b9e34f51b8fe406782586755895095b715b2b0db10ed06789b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 788849
cf-polished: qual=85, origFmt=jpeg, origSize=744846
content-disposition: inline; filename="NEWSHA-Haarpflege-Routinen-Sets-MOB.webp"
content-length: 119256
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 01 Jul 2022 07:53:21 GMT
server: cloudflare
etag: "62bea7f1-b5d8e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SUobsnbFpiw3QAK3n0QBfliZKY6KQbwCXzE55Qqg7yhQAhc8kY%2F7gYQJ%2Fe%2B91kKlDMrJlDqm7umxPvCL0iDQJNIMJ8EX8CFsGUJ6YIvrlyLeSS3OhzpNJHPlPxk%2BgeQ4gNx2o5dCH1TScJx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b570fa845b74-FRA

GET
H2 200 password-strength-indicator.js Show response
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/Magento_Customer/js/ 2 KB
1 KB 149ms
149ms Script
application/javascript 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/Magento_Customer/js/password-strength-indicator.js

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/requirejs/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2991e7380e1e30a887e493dc6f18c9f7594cba375904f96edeb8612138834f1b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3106
cf-polished: origSize=4969
cf-bgj: minify
last-modified: Tue, 15 Nov 2022 08:32:23 GMT
server: cloudflare
etag: W/"63734e97-1369"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOFuQ2FoVyGSHzRChEWJopwphWACxJ56069bGPunlWufN7wVfAQm9FmJNqbQ%2B04SgDn53i52QckvpzGxdK4FNNABiTB3SUQ6n9hfs6ib2tv2hvJBUYOS8CTsTjzG3fVNDdTiw8VRqMTfE6pr"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b5711ab45b74-FRA

GET
H2 200 NEWSHA-Haarpflege-Fettiges-Haar.jpg
cdn.newsha.com/media/newsha_content/01_Home/ 97 KB
97 KB 94ms
93ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/NEWSHA-Haarpflege-Fettiges-Haar.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1016317ef8f2c78fee05e067b821abac4b862d9b73167838e551476d93e33679

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 403971
cf-polished: qual=85, origFmt=jpeg, origSize=477926
content-disposition: inline; filename="NEWSHA-Haarpflege-Fettiges-Haar.webp"
content-length: 99072
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 01 Jul 2022 07:31:53 GMT
server: cloudflare
etag: "62bea2e9-74ae6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agmFnt%2FWKX5qCvH7m7IkAxYA10STdcehiE3NKzFmm18O%2BZJTrGwGhakcZkS7LhRTH0viWq3tCwS7GjF73KQotTqWf6C0ImWxJuUAz%2B63VoRoSDiDnxpOxO6fNlbmzvilYWdG4CM6i0W5oMbg"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b5718b635b74-FRA

GET
H2 200 NEWSHA-Strapaziertes-Haar-V2.jpg
cdn.newsha.com/media/newsha_content/01_Home/ 73 KB
73 KB 141ms
140ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/NEWSHA-Strapaziertes-Haar-V2.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0efcabac8c60056bf3b68a8cd5375312e9402b11a195d4318bc38d5a06322024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 402154
cf-polished: qual=85, origFmt=jpeg, origSize=440277
content-disposition: inline; filename="NEWSHA-Strapaziertes-Haar-V2.webp"
content-length: 74722
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 01 Jul 2022 12:24:03 GMT
server: cloudflare
etag: "62bee763-6b7d5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1e0GrnqIgr46Ks3vnRWmXMqkbnxQT76i1L%2FnSQ5joAan2UjdcJjQi%2F2fWNIvjHaO%2FmSJJ2DLVGB4%2FrVMVBsoxsOTksMyAsWKdMegAV55kcCEzhUsaugZiOdSyC%2BgU%2BNr6HjenNCkqtD%2FJ5d"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b5718b655b74-FRA

GET
H2 200 NEWSHA-Haartyp-Anti-Frizz-V2.jpg
cdn.newsha.com/media/newsha_content/01_Home/ 88 KB
89 KB 87ms
86ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/NEWSHA-Haartyp-Anti-Frizz-V2.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e6734d2a02d8678082727ed8232187f3963868ad7d0fe7e1986a15b1116f55d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 405404
cf-polished: qual=85, origFmt=jpeg, origSize=461933
content-disposition: inline; filename="NEWSHA-Haartyp-Anti-Frizz-V2.webp"
content-length: 90130
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 01 Jul 2022 12:24:04 GMT
server: cloudflare
etag: "62bee764-70c6d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63cS6cyqA%2BRByurBeVl81rJ8MJpvzAGw72I9iJY9Di9DYR90G6ZiKVQJ7AcoOFF5h19jHwIFBzC6zunCl6A3n6SGqSendwTWXoZrpox9N%2BOWBMpiSu6ECVwHWy61gvtgEdHgNyHH%2Fs7zkUI8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b5718b685b74-FRA

GET
H2 200 NEWSHA-Haarpflege-Feines-Haar.jpg
cdn.newsha.com/media/newsha_content/01_Home/ 66 KB
66 KB 103ms
102ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/NEWSHA-Haarpflege-Feines-Haar.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c72be587be3894475d359c0d27520dd0c1fb5584037e3affad4fa22dc2c8ece3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 402188
cf-polished: qual=85, origFmt=jpeg, origSize=419031
content-disposition: inline; filename="NEWSHA-Haarpflege-Feines-Haar.webp"
content-length: 67144
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 01 Jul 2022 07:31:52 GMT
server: cloudflare
etag: "62bea2e8-664d7"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=leVWW4be%2F%2FHHQQNHfINuXKgaRmOkMUA7HChnH%2BnyQP7w6bIXQ2JQsrslmyDyS7bq0buoTHGmT0Cq0ZBMGNDWLjK7kklX5b5RvQalGX6%2FcBqqoy4rGoQVKr%2F5C8%2FKXszDlBjE1ERnub2ELZoM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b5718b695b74-FRA

GET
H2 200 NEWSHA-Haartyp-Gefaerbtes-Blondiertes-Haar-V3.jpg
cdn.newsha.com/media/newsha_content/01_Home/ 24 KB
25 KB 108ms
107ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/NEWSHA-Haartyp-Gefaerbtes-Blondiertes-Haar-V3.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb2540246358994d92bf24fbf99b2101038296fc32369d942585e67a8c989d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 881252
cf-polished: qual=85, origFmt=jpeg, origSize=309966
content-disposition: inline; filename="NEWSHA-Haartyp-Gefaerbtes-Blondiertes-Haar-V3.webp"
content-length: 24946
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 01 Jul 2022 14:42:33 GMT
server: cloudflare
etag: "62bf07d9-4bace"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLbu4UwRTnWvUuc1rVmi7y7Q1aIqDIb2UyBrMCBTv4k3583eVTnWy77K8YAZYelaNOJZIPqM0z0aAPoJe1Tp7FZbNGbNjQB0cmYV9DQWXymmqENF27Qbw1YnXO2E51PGQh9t4gsJHiiN9b%2Fz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b5718b6a5b74-FRA

GET
H2 200 NEWSHA-High-Performance-Leave-In-Conditioner-250ml.jpg
cdn.newsha.com/media/newsha_content/01_Home/ 14 KB
14 KB 81ms
80ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/NEWSHA-High-Performance-Leave-In-Conditioner-250ml.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63c28d62cd0f358a0779c552d825757c95e8f4e26ce70511b20c22b48d9da284

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 400997
cf-polished: qual=85, origFmt=jpeg, origSize=116808
content-disposition: inline; filename="NEWSHA-High-Performance-Leave-In-Conditioner-250ml.webp"
content-length: 14320
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 27 Jun 2022 14:04:05 GMT
server: cloudflare
etag: "62b9b8d5-1c848"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAuKBHwcyRXT1Db5G%2BfetM1I7pBK0A3TZqjJAKAB2pq3kKOTNwE1FscVZ5LOGW99njTB0M4nXobFi0AEVxbGHEk%2BWQc3PY%2BT395Ga8fUNbawNUndxkfi8pjpoECI1MG1kOp9jHbIm9t6gphq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b571bba35b74-FRA

GET
H2 200 NEWSHA-Gentle-Care-Shampoo-250ml.jpg
cdn.newsha.com/media/newsha_content/01_Home/ 9 KB
9 KB 133ms
131ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/NEWSHA-Gentle-Care-Shampoo-250ml.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91f42039dc83f19e6b7e139bc9ca38e81c051d3311561619eeb6685d9dbe43f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 916259
cf-polished: qual=85, origFmt=jpeg, origSize=90460
content-disposition: inline; filename="NEWSHA-Gentle-Care-Shampoo-250ml.webp"
content-length: 8994
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 27 Jun 2022 14:04:01 GMT
server: cloudflare
etag: "62b9b8d1-1615c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gf1wWbuUMrdXX909EvE6u0wofJRmnwwf%2B3FKhy%2FWlFuZpgF6ApLLWNO0AfmtNa7Q8L9US%2BJYXdXL9WgBTFunkubbILSjHVNuFxW3oMdMxmjCQ8E9mGKRDPH%2BWQ%2BEKsBBckUAQ8WthdTeLDSL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b571bba45b74-FRA

GET
H2 200 NEWSHA-Soft-Cotton-Conditioner.jpg
cdn.newsha.com/media/newsha_content/01_Home/ 11 KB
12 KB 75ms
74ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/NEWSHA-Soft-Cotton-Conditioner.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13d86a7400985371156fe36a6328f78f03a54658a8b34bc0d17d18a65c4a373e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1676997
cf-polished: qual=85, origFmt=jpeg, origSize=103044
content-disposition: inline; filename="NEWSHA-Soft-Cotton-Conditioner.webp"
content-length: 11598
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 27 Jun 2022 14:04:08 GMT
server: cloudflare
etag: "62b9b8d8-19284"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqJk9aPh6dp6U41BWqqaFhQdP2oW5zg98cvmWSMf30jZ%2FtN5AnHeu3Fg0Zdae5tPaFwUMtY%2FxV5RYtB6CywcDgB889QlBtb%2Ffmm3Ntv%2BU1%2FHWmnRb1uERkyZmczWsKfAtdpDH0If0nduAnCw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b571bba65b74-FRA

GET
H2 200 NEWSHA-Daily-Routine-Shampoo-250ml.jpg
cdn.newsha.com/media/newsha_content/01_Home/ 9 KB
9 KB 57ms
57ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/NEWSHA-Daily-Routine-Shampoo-250ml.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cf73ae351176a67feb39eaef6ce7dcd8cbec24e215124be730a415e2bca7cd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 405403
cf-polished: qual=85, origFmt=jpeg, origSize=91211
content-disposition: inline; filename="NEWSHA-Daily-Routine-Shampoo-250ml.webp"
content-length: 9246
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 27 Jun 2022 14:03:52 GMT
server: cloudflare
etag: "62b9b8c8-1644b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRSZa%2BULYBdXMtNanNK3i6CDHdcFqdA6UIkn%2Bs0ebDV9D64L2WmRO1NEb27LTcw9YjdVKqloAf5ImdUHOF0aCOc8Pbn1bnsQ9J1MzxZAAKgbcNLCfN5gTQADD50oDGSQa3%2B529Yt%2B1PojW1K"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b571bba85b74-FRA

GET
H2 200 NEWSHA-Daily-Weightless-Conditioner-250ml.jpg
cdn.newsha.com/media/newsha_content/01_Home/ 10 KB
10 KB 85ms
85ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/NEWSHA-Daily-Weightless-Conditioner-250ml.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21f51718f00abb0b20d8ad1818533521a7567c2224814b495485684a997f3fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 972110
cf-polished: qual=85, origFmt=jpeg, origSize=93327
content-disposition: inline; filename="NEWSHA-Daily-Weightless-Conditioner-250ml.webp"
content-length: 9932
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 27 Jun 2022 14:03:53 GMT
server: cloudflare
etag: "62b9b8c9-16c8f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GnfoMldSjAXlxfLGAV5GQQhgEwLNvEsL4ubcUAAp08mh9PAaae3VEB6ZVSMn0jiuLDA8BmP%2FByhYjMqagD8EtMeShFQjHpiFBmzcuJlcbBSX6zacoRhUqY608yuDn4osr527IAAvzYFCpd8e"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b571bbaa5b74-FRA

GET
H2 200 NEWSHA-Produktwelten-Alle-Produkte.jpg
cdn.newsha.com/media/newsha_content/01_Home/ 91 KB
91 KB 43ms
42ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/NEWSHA-Produktwelten-Alle-Produkte.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc057b81bec19b26b224bc49b58d11a693a545d741d7cbd1d514e991bd8e934b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 399575
cf-polished: qual=85, origFmt=jpeg, origSize=230722
content-disposition: inline; filename="NEWSHA-Produktwelten-Alle-Produkte.webp"
content-length: 92976
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 01 Jul 2022 07:59:07 GMT
server: cloudflare
etag: "62bea94b-38542"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHmdEyMoBbznmZsSa1GuWw0CnseSK0GcKiPKtzYJ1%2BCcqrWpQFnz%2Flh072vujkbxQJ01dwHjOU1s8fjyrIVqU9PNZzs8zDlvEOIGUR9mGHPOxmfuK1wEbdVEI%2Fir3H0cs9cKKSSKsamuBXc5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b571dbf85b74-FRA

GET
H2 200 NEWSHA-Produktwelten-Shampoo.jpg
cdn.newsha.com/media/newsha_content/01_Home/ 170 KB
171 KB 85ms
84ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/NEWSHA-Produktwelten-Shampoo.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 247fadaeeb5ad289cd92e0946aa73295194bb043b75b3751d419dc6f1db1fa5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 408266
cf-polished: qual=85, origFmt=jpeg, origSize=355169
content-disposition: inline; filename="NEWSHA-Produktwelten-Shampoo.webp"
content-length: 174486
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 01 Jul 2022 07:59:19 GMT
server: cloudflare
etag: "62bea957-56b61"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFdwb2rfugZ3wfwmPP7%2Fqs1K8iV9u0jhVMqkvKHjD%2Ftj7S3SjHRuEPbgATq27GG68bo4iobQqwVBGgXfXqPi5olku2FqaW%2F%2B7PXtRDH4DS%2BkuTiI%2FUe1lpxEBqCd6kt9QscfjSCp7GCtNDgz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b571dbfa5b74-FRA

GET
H2 200 NEWSHA-Produktwelten-Conditioner.jpg
cdn.newsha.com/media/newsha_content/01_Home/ 133 KB
133 KB 51ms
50ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/NEWSHA-Produktwelten-Conditioner.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60f6b3a514b1b8c8569421d29f193d9da9f12d2cabb7bd8339f53035030bb175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2220458
cf-polished: qual=85, origFmt=jpeg, origSize=266120
content-disposition: inline; filename="NEWSHA-Produktwelten-Conditioner.webp"
content-length: 135974
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 01 Jul 2022 07:59:09 GMT
server: cloudflare
etag: "62bea94d-40f88"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPVblu%2FhEK%2FghO5FKTs3MXA3sRa5X7Z3GO%2FjHYkHc0qTpG4gIfyleSQwebrlSwDm1fv68DoHxcNVjN5IxLDh48fB4H33vo7UsueToleXohGdB8ObxacGtSwxpTW7namHRY8Iim5u8HGNLGAn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b571dbfb5b74-FRA

GET
H2 200 NEWSHA-Produktwelten-Masques-Treatments.jpg
cdn.newsha.com/media/newsha_content/01_Home/ 38 KB
38 KB 80ms
80ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/NEWSHA-Produktwelten-Masques-Treatments.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 190b3494046538a6ad22ed2b8568b77ca12e1dd6f985d810fcbd292d0b9a563d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 402188
cf-polished: qual=85, origFmt=jpeg, origSize=190251
content-disposition: inline; filename="NEWSHA-Produktwelten-Masques-Treatments.webp"
content-length: 38694
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 01 Jul 2022 07:59:11 GMT
server: cloudflare
etag: "62bea94f-2e72b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAIk0WpMQSFuxp3sn7zLwxlSF0nTnoqps1LfQWFK7OnX5yaCwgGS1uXBWh7ki2vH8f%2BA%2BjQLDWK0sEf2UWZZPcDdFqQTi%2FbAn6ePUJiX5747GMkHPSdGKisblgmOiq0PEs8ODKNquKh5RuzA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b571dbfd5b74-FRA

GET
H2 200 NEWSHA-Produktwelten-Styling.jpg
cdn.newsha.com/media/newsha_content/01_Home/ 27 KB
28 KB 182ms
182ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/NEWSHA-Produktwelten-Styling.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15024e82d4c83556ac2953d00dd7dd35dbccb24470cf4fc44f4c58571d6fefc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1051352
cf-polished: qual=85, origFmt=jpeg, origSize=164672
content-disposition: inline; filename="NEWSHA-Produktwelten-Styling.webp"
content-length: 27918
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 01 Jul 2022 07:59:22 GMT
server: cloudflare
etag: "62bea95a-28340"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SfrVaTOjHWxh4witKBd3bpPK90uL4ldFLBAS9B%2B5jD9Xp04TMPqiU3cMPx57JGyTbMv2jpY0ghYsoriri55KL8cVBkAJ5Omd9qKCD8%2Fcs4AoC7z4iFDZeTU9%2F4aiM9tkWfvamDYewfEU273"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b571dbff5b74-FRA

GET
H2 200 photo-output_3_2.JPG
cdn.newsha.com/media/newsha_content/01_Home/ 62 KB
62 KB 36ms
34ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/photo-output_3_2.JPG
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cbb7b011afa85a818dfd9501058ab37504c51521e4b3e1623d3d1e4d8dd5879

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 399931
cf-polished: qual=85, origFmt=jpeg, origSize=154151
content-disposition: inline; filename="photo-output_3_2.webp"
content-length: 63504
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 12:07:17 GMT
server: cloudflare
etag: "633c21f5-25a27"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tlco9bYy0coG9nMu3IT867y%2FyTrYiofrdCR29LWOt1RAX1%2FF3wlKOOEohaOBCcM6G67qk%2B9BMvxkFKsmPlv1kJ3U%2Fl%2BMMsTPwaC82BUiPSc%2BoQs1PG9ePMjsuHDBsdfaf9x%2Bx28PEyzKkTKu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b571fc355b74-FRA

GET
H2 200 photo-output_9.JPG
cdn.newsha.com/media/newsha_content/01_Home/ 65 KB
65 KB 66ms
64ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/photo-output_9.JPG
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b46c8b4c1da627cc039172d587090bdee8dbad4081db50045dabe6103fb5f1c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 915198
cf-polished: qual=85, origFmt=jpeg, origSize=150510
content-disposition: inline; filename="photo-output_9.webp"
content-length: 66448
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Oct 2022 12:07:31 GMT
server: cloudflare
etag: "633c2203-24bee"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjMevxny9KmytQb3%2FTaD14ugtD1tYjfcI6uJeBlv%2BosDJ7W4XzQgtsvL575QeJ0637isGgSER0gZ0%2FPQ7o1qCVWK0%2B2Pa5On2Nb%2FwCPTTqgRN2d1x9onLbPbS%2F5ob4xqFmrRhrMKZs7EtOk5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b5720c3c5b74-FRA

GET
H2 200 photo-output_4.JPG
cdn.newsha.com/media/newsha_content/01_Home/ 76 KB
76 KB 67ms
65ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/photo-output_4.JPG
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1c75b45e339eb49ba1e87b229acf628ccdd639b5539f77664954d7a446e1d7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1052004
cf-polished: qual=85, origFmt=jpeg, origSize=166926
content-disposition: inline; filename="photo-output_4.webp"
content-length: 77542
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Tue, 27 Sep 2022 08:44:55 GMT
server: cloudflare
etag: "6332b807-28c0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2iW932bZMR59%2BWDRSwOJXj0q9YWg7Vb8mB%2FnFC2uHJvXJUIQaqfyFvfBJmqqL8g%2FTEp96FnoQ%2F8hV%2F%2BpRG2iXQo97P6C%2FHxogPZnfZaJZ%2BxifMQ1LniJ5m3oWfIDgLBTAxYPhy08bhUVfsM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b5720c3e5b74-FRA

GET
H2 200 Post21.jpg
cdn.newsha.com/media/newsha_content/01_Home/ 78 KB
78 KB 38ms
37ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/Post21.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5499ae03db92dae52b52a80112550e06a10741200bcfe2a59fe8aa24802d0fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 402188
cf-polished: qual=85, origFmt=jpeg, origSize=184432
content-disposition: inline; filename="Post21.webp"
content-length: 79362
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Tue, 27 Sep 2022 08:51:32 GMT
server: cloudflare
etag: "6332b994-2d070"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2B5G9o9rsuSrS%2BiolFA5oIeFlrT12scOMcIijt5kkm%2F2A%2BH5SQ8OK0hwWYNsN7e6JGDVG6Wvqzz3ouoje%2F2Csd1jBEpIrdulYlBWJHROut1WpSzt8DwnRH4uvG0vJMmx7Isy0F1des%2BhVRWH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b5720c3f5b74-FRA

GET
H2 200 photo-output_5.JPG
cdn.newsha.com/media/newsha_content/01_Home/ 53 KB
53 KB 32ms
32ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/01_Home/photo-output_5.JPG
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8b2f743536510b5740cd80b34ca14ec31974d75bd536575e79274986287d6e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 919137
cf-polished: qual=85, origFmt=jpeg, origSize=145114
content-disposition: inline; filename="photo-output_5.webp"
content-length: 54068
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Tue, 20 Sep 2022 12:10:44 GMT
server: cloudflare
etag: "6329adc4-236da"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pv8MUBkiz3OyRvvv7%2FLNcLr%2F4Wm9h5VPjydaXUCQM723AwFdYOsfZ%2FdOAkSgcMY88H%2FR2QY8y7lNpjh%2BGUtyeFFQD2xTQH%2ForJV7dhWi6ryZlCiXD8tF3NbwpajBlDYAY7gaw1uH4l8Y0uc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b5720c405b74-FRA

GET
H2 200 validation.js Show response
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/Magento_Customer/js/ 416 B
664 B 60ms
60ms Script
application/javascript 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/Magento_Customer/js/validation.js

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/requirejs/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d003194b1ba6366d11d2e60d5f3610b0b55098d79a903ff4702b71f1b12befac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3106
cf-polished: origSize=578
cf-bgj: minify
last-modified: Tue, 15 Nov 2022 08:32:23 GMT
server: cloudflare
etag: W/"63734e97-242"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tyv7gVy%2Bdwo2KKS79hFC2dzrXtwlc7UN2F6Nuvq%2BFxYVKZ5BcVIFq7B8kV0yJ3BlsRMfyCo2Sute9z4avKwzalLvf3zOIjGvcScknM8QLEUaUl9mDCPZsEHB6EqFG5AdSJGCHtLPv1QQm0xa"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b5720c535b74-FRA

GET
H2 200 slider.js Show response
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/Magezon_PageBuilder/js/ 5 KB
2 KB 49ms
48ms Script
application/javascript 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/Magezon_PageBuilder/js/slider.js

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/requirejs/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d155ef3639f9a6848957c2e54b232a71264f50ac326b977cdfbdb931d54b84c0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5226
cf-polished: origSize=9751
cf-bgj: minify
last-modified: Tue, 15 Nov 2022 08:32:23 GMT
server: cloudflare
etag: W/"63734e97-2617"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9f%2BaMm%2FOZVHPp%2F3Pw6j6POGJptrFGjzhkbxDyeOxMouti0RQV1eybIfAxugi%2BgwGFTN26sXAV2Tq5yjrxLVxr8h4jLnwnL%2FNkaDOemQfgDtVfN4pjLM76Bj946QXPOLpA6BF5iLVxKy3mNgM"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b5722c705b74-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 926 B
1001 B 129ms
49ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=globalOnRecaptchaOnLoadCallback&render=explicit

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/bundles/shared.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2756771cabe2de556b24aab021eea70862246e902a8e0aa71dea45d66d2e90d4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 588
x-xss-protection: 1; mode=block
expires: Mon, 12 Dec 2022 10:17:10 GMT

GET
H2 200 opensans-300.woff2
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/fonts/opensans/light/ 17 KB
18 KB 38ms
36ms Font
font/woff2 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/fonts/opensans/light/opensans-300.woff2

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/_cache/merged/0a177d5c1c1284535d3a6c3ddc28be71.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69fd4fd58ab3812b5b43a91478b13191fee58a0a438a5901345c89ea4991e9ca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cdn.newsha.com/static/_cache/merged/0a177d5c1c1284535d3a6c3ddc28be71.min.css
Origin: https://www.newsha.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5078
content-length: 17436
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
server: cloudflare
etag: "63734e95-441c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4707uMagLgbf2gWQ%2FaMYiIhdcjCWHtNLakknPddgWsA0pnZSLRkmcxt6EK9b1Ikl7TDz%2BLXwijWKjFHhv6MT1RWgvus1xybTrISY3vI6I2bpg1bz%2BvUxIRYOB%2FwrKbQqZoIX1x0ekRIDulJ3"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1200
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7785b5726fbe68f5-FRA

GET
H/1.1 200
OK load Show response
www.newsha.de/customer/section/ 49 B
890 B 669ms
669ms XHR
application/json 37.157.250.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newsha.de/customer/section/load?sections=messages&force_new_section_timestamp=true&_=1670840230208

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/bundles/shared.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

37.157.250.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

nginx / Newsha2

Resource Hash

dbde7d1345478941e2b6a09258b0ed0364335a8df9f10a8391cca51939f82a59

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newsha.de/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-powered-by: Newsha2
x-cache: MISSv6
content-length: 60
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
expires: -1

GET
H2

200

sdk-iframe-integration.fla9.latest.js Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/ Frame 81AE
Redirect Chain

https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0a432246706dc358c9294d5e8b8d072b
https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js

755 KB
239 KB

120ms
120ms

Script
application/javascript

2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
Protocol: H2
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c93c40e39658aebd2334c2dcb54dc54e4178e812bb270fd949935e115caf00c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Nov 2022 21:36:22 GMT
server: cloudflare
age: 119
etag: W/"f0706de51bb79f0fcd66dd783c9fe443"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=180
access-control-expose-header: cf-ray
stream-dw-version: 2022.12.6
cf-ray: 7785b573dce4bbdd-FRA
timing-add-origin: *
expires: Mon, 12 Dec 2022 10:13:06 GMT

Redirect headers

location: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js
date: Mon, 12 Dec 2022 10:17:10 GMT
server: cloudflare
cf-ray: 7785b5731b27bbdd-FRA
content-length: 0
vary: Accept-Encoding

GET
H2

200

sdk-iframe-integration.fla9.latest.js Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/ Frame EF1E
Redirect Chain

https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=7c81f1b42be4c41221936234413ef2ac
https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js

755 KB
239 KB

163ms
163ms

Script
application/javascript

2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
Protocol: H2
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c93c40e39658aebd2334c2dcb54dc54e4178e812bb270fd949935e115caf00c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Nov 2022 21:36:22 GMT
server: cloudflare
age: 119
etag: W/"f0706de51bb79f0fcd66dd783c9fe443"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=180
access-control-expose-header: cf-ray
stream-dw-version: 2022.12.6
cf-ray: 7785b5740d37bbdd-FRA
timing-add-origin: *
expires: Mon, 12 Dec 2022 10:13:06 GMT

Redirect headers

location: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js
date: Mon, 12 Dec 2022 10:17:10 GMT
server: cloudflare
cf-ray: 7785b5732b3abbdd-FRA
content-length: 0
vary: Accept-Encoding

GET
H/1.1 200
OK cookies Show response
www.newsha.de/gdprcookie/cookie/ 7 KB
3 KB 1139ms
1120ms XHR
application/json 37.157.250.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newsha.de/gdprcookie/cookie/cookies?allowed=&restriction=

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/bundles/shared.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

37.157.250.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

nginx / Newsha3

Resource Hash

5dcc7947df8139ec78050d2d5301095e3af2125599311b9c928155b13df76596

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newsha.de/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-powered-by: Newsha3
transfer-encoding: chunked
x-cache: MISSv6
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
expires: -1

GET
H2 200 loader-1.gif
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/ 86 B
463 B 27ms
27ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/images/loader-1.gif

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c976fab8d5d40cc6839269a22d65b4b6f31a4f9937bd675b4df02dc5ecf876b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3106
cf-polished: origFmt=gif, origSize=116
content-disposition: inline; filename="loader-1.webp"
content-length: 86
cf-bgj: imgq:85,h2pri
last-modified: Tue, 15 Nov 2022 08:32:21 GMT
server: cloudflare
etag: "63734e95-74"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CY%2B0C%2BvsQ%2BXv%2FlR1ooqw1Ab6ChnXxZnZAtz4bzuluB9PvIfXToyRAHcGd81e%2BnFlTXqoSrYriXCkNcglZyWhB%2FxxWQSDxhQs%2BWR%2BMAF0PV%2FIFZNXEsMZJtQsTIR754KRATKDPvbpiCZ28Nul"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
accept-ranges: bytes
cf-ray: 7785b5732e375b74-FRA

GET
H/1.1 200
OK / Show response
www.newsha.de/customer/section/load/ 49 B
890 B 1722ms
1703ms XHR
application/json 37.157.250.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newsha.de/customer/section/load/?sections=messages&force_new_section_timestamp=false&_=1670840230209

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/bundles/shared.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

37.157.250.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

nginx / Newsha2

Resource Hash

4775aada9fe5cd929bc993a5e0f7661802af48e943464e41a17ff7a584afd21a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newsha.de/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-powered-by: Newsha2
x-cache: MISSv6
content-length: 60
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
expires: -1

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
21 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 10:17:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: t5INcVTHMc3Bcz0d1thfBRdpX6i1s2JQr2rM7zlq7QHLhKqfYj7nB9vXKpKSq28ACw2CvJL6UmerD5KOBIlsag==
x-fb-trip-id: 2050070850
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 809928873293248 Show response
connect.facebook.net/signals/config/ 294 KB
85 KB 20ms
20ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/809928873293248?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

18fd4a267b6893658849bb29e1f66e31c7db00e0eab19af6d04f4510dab8f4fc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 10:17:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Gg/+9YyciN8V+cxzmXLPB+m7EE4JwHU5gb/Y/rRsJaKlCIqGt5Ew1yFNGa55CHxlKFM9KZ528ME+0+DFbkMNPw==
x-fb-trip-id: 2050070850
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 view Show response
js-eu1.hs-banner.com/cookie-banner-public/v1/activity/ 0
136 B 68ms
68ms XHR
text/plain 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by: Host: js-eu1.hs-banner.com
URL: https://js-eu1.hs-banner.com/26056322.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsha.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: fa40b3cd-3b15-4387-97cc-fc893aee5a01
x-trace: 2B7F9F48653B81ECB8B6262EB724ED423E27121129000000000000000000
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.newsha.de
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7785b5741b509271-FRA

OPTIONS
H2 200 view
js-eu1.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 122ms
78ms Preflight
application/octet-stream 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.newsha.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.newsha.de
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 7785b5739a4c9271-FRA
content-length: 0
content-type: application/octet-stream
date: Mon, 12 Dec 2022 10:17:11 GMT
server: cloudflare
timing-allow-origin: *
vary: origin

GET
H2 200 widget Show response
api.widget.trengo.eu/web-widget-api/ 4 KB
2 KB 75ms
38ms XHR
application/json 3.127.193.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.widget.trengo.eu/web-widget-api/widget?vt=a4fe4e41-108a-4079-f1cd-26f9597e20f0&path=%2F&state=&trengoKey=AnOplYmzWH4bhmY

Requested by

Host: static.widget.trengo.eu
URL: https://static.widget.trengo.eu/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.127.193.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

vip-widget2.trengo.io

Software

Resource Hash

4fea5c668fac1f2ce3e5accf56f1966b2aefffbd6d784ee1445ed8ece7f9beeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.newsha.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-trace-id: 78c37fb1-6e6e-49d9-986b-0301521e3594
date: Mon, 12 Dec 2022 10:17:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, private

GET
H2 200 json Show response
forms-eu1.hubspot.com/collected-forms/v1/config/ 116 B
1014 B 88ms
34ms XHR
application/json 172.65.193.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-eu1.hubspot.com/collected-forms/v1/config/json?portalId=26056322&utk=

Requested by

Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.193.34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db2ea94d8edd890b71a3ffc47fe3df33fe458735281288158781351df7d7cef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.newsha.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 14c8f084-ee6f-46e1-a192-c72c6261a3e8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newsha.de
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3X2ByAsdo8E4mHRBgcXC3cK2eMsOY28FiNeAaEYAgwr3nlJlI76RS8cEUp8TZdwj%2FPZKJiJMdIW1xNkQrn%2F1xySGFH5spKe8gMh4m7j4CSXSgK87NK1FehP%2Bg9ekr%2Bqpf4GKzti9zg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7785b5746a359bd7-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 118ms
37ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-173925650-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 09:24:40 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3151
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 12 Dec 2022 11:24:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
76 KB 126ms
46ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HQ258C53G9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-173925650-3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10e62c054e88c52acded7d2a9aab7da5de4559aec8231e1b37bbac32c9ad0191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77371
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 12 Dec 2022 10:17:11 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 42 KB
15 KB 122ms
16ms Script
application/javascript 2a02:2638:1::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=96222

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6TGVWJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2b7ce824308da02595fb3c3ea70c4aebfdcbe04764571800cccb14176c47cbc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 26056322.js Show response
js-eu1.hs-scripts.com/ 1 KB
579 B 17ms
17ms Script
application/javascript 172.65.208.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-scripts.com/26056322.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6TGVWJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7f962bc349cc02e300bde90f82bce331a7a5b07fa59dbe288d875782d40838a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
content-encoding: br
cf-cache-status: HIT
x-hubspot-correlation-id: 761aca4b-75f4-4666-a40a-ba9e78ce24de
age: 1
cf-polished: origSize=1523
cf-bgj: minify
last-modified: Mon, 12 Dec 2022 10:17:10 GMT
server: cloudflare
x-trace: 2B269E67C503D0EA2D8C7708683D4B5D14D84A0061000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.newsha.de
cache-control: public, max-age=30
access-control-allow-credentials: true
cf-ray: 7785b5747b649bfb-FRA

GET
H2 200 trbo_14003_b35e14902ac0f3fb2951dd817cb49054.js Show response
static.trbo.com/plugin/ 318 KB
82 KB 84ms
35ms Script
text/javascript 35.190.85.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.trbo.com/plugin/trbo_14003_b35e14902ac0f3fb2951dd817cb49054.js
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.85.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 25.85.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 594f6f569a0be45027f0ebaa99345798a117b8b5aae5fd003789351bffb9ada9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdvsk5iI9CbXVFUNzzD33O5Ps4bLW2whfXE1DBSbOby5q8_VLedGrNzKwgOyGhIMeGgSOKz7s6GNW9gK2B8kymRaB2HX9Qls
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83619
last-modified: Fri, 02 Dec 2022 13:41:11 GMT
server: UploadServer
etag: "05163aadf3fcf3ba90886b0d3ead80f1"
vary: Accept-Encoding
x-goog-generation: 1669988471262041
x-goog-hash: crc32c=sLJaWg==, md5=BRY6rfP887qQiGsNPq2A8Q==
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=600, public
x-goog-stored-content-length: 83619
accept-ranges: bytes
expires: Mon, 12 Dec 2022 10:27:11 GMT

GET
H2 200 zxcvbn.js Show response
cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/Magento_Customer/js/ 28 KB
10 KB 18ms
18ms Script
application/javascript 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/Magento_Customer/js/zxcvbn.js

Requested by

Host: cdn.newsha.com
URL: https://cdn.newsha.com/static/frontend/Smartwave/newsha_bluro/de_DE/requirejs/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0eb00de0782fe66d669d58870e313ac56c043ec902e056465fc5ab778bb7030

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3107
cf-polished: origSize=52004
cf-bgj: minify
last-modified: Tue, 15 Nov 2022 08:32:23 GMT
server: cloudflare
etag: W/"63734e97-cb24"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npjkDpEe5gIDQGYsEGRMlVUbrikRoPqCaqhat5Z7We5CSJp5XCZ61UHtRPoh5%2F9RGfG7%2FkZQAs5WKbBd%2F7IOtFb%2FQQuVzr86gyg4GBl0Oi17As8s2QVHIe%2Be1K%2B9VwpnLivghdFTO%2FnaJ4TX"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200
cf-ray: 7785b574a8845b74-FRA

GET
H2 200 widget.js Show response
static.widget.trengo.eu/ Frame 9909 910 KB
291 KB 44ms
44ms Script
text/javascript 2606:4700:20::681a:3a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.widget.trengo.eu/widget.js?id=f97995da972e7a153d5bf2e150bd6021

Requested by

Host: static.widget.trengo.eu
URL: https://static.widget.trengo.eu/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3a2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

545be702789b0f0da0c2a50b5935d4bb34c6438cd753354681f80fa0982a48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 432806
content-length: 297115
last-modified: Wed, 16 Nov 2022 10:03:24 GMT
server: cloudflare
etag: W/"6374b56c-e37a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icV5VXHaWHiZly5Q7GdH7mNMXrl%2B%2Bp%2BnCG4t5XmEAjoZ5pVQHzAcGgRcMUv%2BpVxouqOupPYJb5xm0fd4LU6u%2Bcvq2w09bOfvKlLu%2B%2FlKAmOYYztN1MXc2gXFebVwRHvEL7vljrzoL1CU95OM9dj1cevXN2YW"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b574c9469bee-FRA
expires: Thu, 08 Dec 2022 17:05:22 GMT

GET
H2 200 counters.gif
forms-eu1.hsforms.com/embed/v3/ 35 B
438 B 120ms
44ms Image
image/gif 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=9

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 582df585-2ceb-4787-ac33-08ed9a56d40d
x-trace: 2B537B7756666F2969B602B1C94765EF37F8E145A7000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7785b5755c9ebbd7-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 newsha-men-rurik-DESK.jpg
cdn.newsha.com/media/newsha_content/02_Kategorien/15_Men/ 120 KB
120 KB 22ms
21ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/02_Kategorien/15_Men/newsha-men-rurik-DESK.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799de639bcdc5c354d3a92374118290150ff3bf966113fff514f8bdcdc9117d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 921085
cf-polished: qual=85, origFmt=jpeg, origSize=226463
content-disposition: inline; filename="newsha-men-rurik-DESK.webp"
content-length: 122616
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Apr 2022 14:08:49 GMT
server: cloudflare
etag: "6267fcf1-3749f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaGMvsw0VLes%2Bzg6Kmg0HR%2FtZf06r8DKnKS6I6Ul4zmD2%2BJiExKzkTt%2BVlU5H49ypGQKCSh3MBNT9jAaaegf4UXsTCaA%2FuhSEkcyQfgM%2FznkI%2BrrfxbyVQRO8%2BLGj7aVch3A%2B3FTRcWz9tXr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b574f9075b74-FRA

GET
H2 200 liz_banner_m.jpg
cdn.newsha.com/media/newsha_content/Influencer_LPs/Liz_Kaeber/ 124 KB
124 KB 23ms
23ms Image
image/webp 2606:4700:20::ac43:4698
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsha.com/media/newsha_content/Influencer_LPs/Liz_Kaeber/liz_banner_m.jpg
Requested by: Host: www.newsha.de
URL: https://www.newsha.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 234bead210e3d6f430e2c3f31a01247ebc480a47953e5775ec993e21f24e1ef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 400855
cf-polished: qual=85, origFmt=jpeg, origSize=260551
content-disposition: inline; filename="liz_banner_m.webp"
content-length: 126882
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Tue, 03 May 2022 07:30:05 GMT
server: cloudflare
etag: "6270d9fd-3f9c7"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNo0oHgT6ddwjGz%2FmOfkQlTFyf82onV1Z5S0gvGB3n%2FlBoG1NWWtpp5UBUJpio5prjW3iSjwhN03x4ZB25x2kc4CzbgsDUjasCo2j%2FGo8mhscjiZA4mhX2NhQJ2MN6AEz09LmQ1tK4r2hoJB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785b574f90a5b74-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ 403 KB
162 KB 116ms
36ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=globalOnRecaptchaOnLoadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d64e243770a7345b699907f77f5e6789584278786ffa215802150dab0ee1d7a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsha.de/
Origin: https://www.newsha.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 09:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164801
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Dec 2023 09:55:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 65ms
16ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=809928873293248&ev=PageView&dl=https%3A%2F%2Fwww.newsha.de%2F&rl=&if=false&ts=1670840231219&cd[source]=magento2&cd[version]=2.3.5-p1&cd[pluginVersion]=1.4.2&sw=1600&sh=1200&v=2.9.89&r=stable&a=magento2-2.3.5-p1-1.4.2&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22668181247709057%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22EUR%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22887421658479632%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22EUR%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22890658271625228%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22EUR%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22443117187299530%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%22598446764564173%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22702017631185352%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1670840231217.783807740&it=1670840230922&coo=false&rqm=GET

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 thumbnail.jpg
customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/thumbnails/ Frame 81AE 62 KB
62 KB 131ms
131ms Image
image/jpeg 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/thumbnails/thumbnail.jpg?time=&height=600

Requested by

Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10b1d18c05f63c6da2c4aac828e8dd2987b3a70dec58f0d990469ab4b53f69de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1251378
stream-dw-version: 2022.12.6
content-length: 63221
core-cache-status: MISS
last-modified: Sat, 29 Oct 2022 09:40:22 GMT
server: cloudflare
vary: origin, referer, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b57598b1bbdd-FRA
access-control-allow-headers: range
served-in-seconds: 1.176

GET
H2 200 thumbnail.jpg
customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/thumbnails/ Frame EF1E 34 KB
34 KB 120ms
120ms Image
image/jpeg 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/thumbnails/thumbnail.jpg?time=&height=600

Requested by

Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbeac36cf8ac67cf2f2d56640d18edd16784b1ddb776d3abdc8b45c14ded29d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3801553
stream-dw-version: 2022.12.6
content-length: 34912
core-cache-status: MISS
last-modified: Wed, 12 Oct 2022 19:38:46 GMT
server: cloudflare
vary: origin, referer, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b5763a6abbdd-FRA
access-control-allow-headers: range
served-in-seconds: 1.421

GET
H2 200 playerEnhancementInfo.json Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/metadata/ Frame 81AE 231 B
228 B 152ms
152ms Fetch
application/json 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/metadata/playerEnhancementInfo.json
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0a432246706dc358c9294d5e8b8d072b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 179b147a5e47f4389df722fea8f7d611813ddde7c5a8dd86f3123bd890214fc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
content-encoding: br
server: cloudflare
vary: origin, referer, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=600
access-control-expose-header: cf-ray
stream-dw-version: 2022.12.6
cf-ray: 7785b5763a77bbdd-FRA
access-control-allow-headers: range

GET
H2 200 lifecycle Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/ Frame 81AE 115 B
164 B 95ms
95ms Fetch
application/json 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/lifecycle
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0a432246706dc358c9294d5e8b8d072b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bb8923821db574c940a5b194385c0a9c50fad0f3adcee1530c99544161e9c14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Dec 2022 10:17:11 GMT
content-encoding: br
server: cloudflare
cf-ray: 7785b5763a7cbbdd-FRA
vary: Accept-Encoding
content-type: application/json

GET
H2 200 playerEnhancementInfo.json Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/metadata/ Frame EF1E 232 B
210 B 171ms
171ms Fetch
application/json 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/metadata/playerEnhancementInfo.json
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=7c81f1b42be4c41221936234413ef2ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5be7236932c3dc1edeb5aca9d7d4bfd3e755373ef80b35a665c5536a5d54e8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
content-encoding: br
server: cloudflare
vary: origin, referer, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=600
access-control-expose-header: cf-ray
stream-dw-version: 2022.12.6
cf-ray: 7785b5767b0abbdd-FRA
access-control-allow-headers: range

GET
H2 200 lifecycle Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/ Frame EF1E 115 B
162 B 114ms
113ms Fetch
application/json 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/lifecycle
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=7c81f1b42be4c41221936234413ef2ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba99c936d381e52b96fcd04b471ac210f536e31249a5803300e3004533766f08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Dec 2022 10:17:11 GMT
content-encoding: br
server: cloudflare
cf-ray: 7785b5767b0dbbdd-FRA
vary: Accept-Encoding
content-type: application/json

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 108ms
35ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 821
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 12 Dec 2022 11:03:30 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 102ms
36ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HQ258C53G9&gtm=2oebu0&_p=606965958&cid=1322615961.1670840231&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670840231&sct=1&seg=0&dl=https%3A%2F%2Fwww.newsha.de%2F&dt=Exklusive%20Haarpflege-%20%26%20Stylingprodukte%20%7C%20NEWSHA&en=page_view&_fv=1&_ss=1&_ee=1&ep.dimension_kundengruppe=NOT%20LOGGED%20IN
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HQ258C53G9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 10:17:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsha.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c.php Show response
collect.trbo.com/i/ Frame 9785 31 B
311 B 150ms
77ms Document
text/html 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.trbo.com/i/c.php?browser_type=&channel=typein&cl=14003&click_type=typein&pg=www.newsha.de%2F&device=&device_type=desktop&group=-1&has_flash=NaN&is_adclick=NaN&is_click_in=1&is_mobile=0&is_organic=NaN&is_referrer=NaN&is_tablet=0&is_typein=1&os=&protocol=https&rand=351693969.2668748&uid=9221f684bfcf990fee0b68cfcc6da415&sid=1219911633&pt=4&td=%7B%22slots%22%3A%7B%7D%2C%22data%22%3A%7B%7D%7D&rnd=1670840231621&stot=1
Requested by: Host: static.trbo.com
URL: https://static.trbo.com/plugin/trbo_14003_b35e14902ac0f3fb2951dd817cb49054.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: d730144bf24e45e450e1317fc371ce76c8560dad0b5d96f64416d082b58466e7

Request headers

Referer: https://www.newsha.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 12 Dec 2022 10:17:11 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
pragma: no-cache
server: nginx
vary: Accept-Encoding
via: 1.1 google
x-robots-tag: noindex

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F901 15 KB
6 KB 47ms
16ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.newsha.de&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=96222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.newsha.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 10:17:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 962689
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 206 chat.mp3
static.widget.trengo.eu/assets/ Frame 9909 9 KB
10 KB 41ms
40ms Media
audio/mpeg 2606:4700:20::681a:3a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.widget.trengo.eu/assets/chat.mp3

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3a2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

925a4821693bdc5a3efca443e0436b96c0548155537b7887f8b8e649722e9a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 519966
Content-Range: bytes 0-9611/9612
Content-Length: 9612
last-modified: Wed, 16 Nov 2022 10:02:07 GMT
server: cloudflare
etag: "6374b51f-258c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FydzySkrN87ccgoRctVLE5J7TN9pltCcpz616HErvaluPz4C2KfoXWqzKUWhu3I6P7hHOYU%2B%2FxEbTBIx1NDVA3aEfx9yTGG3U52KnDz7osribj81dgKfC8qPpjNwwYU%2FYYRZ5xozf2pGqvECSvVnzFns2rFg"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=31536000
cf-ray: 7785b5780f159bee-FRA
expires: Thu, 08 Dec 2022 16:09:29 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4764 42 KB
22 KB 139ms
61ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff7TQbAAAAAA-CdCZjLoKFpGXCnHO-CcE_9vuV&co=aHR0cHM6Ly93d3cubmV3c2hhLmRlOjQ0Mw..&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&badge=inline&cb=23drlktcy7yd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

040e80dde891f786faff34911f851f8f48eeeabedde5b05f91b1f04a03792f1f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HhGMuXOXjdXA1i0d1mVgUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsha.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22253
content-security-policy: script-src 'report-sample' 'nonce-HhGMuXOXjdXA1i0d1mVgUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 10:17:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 video.mpd Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/manifest/ Frame 81AE 6 KB
6 KB 69ms
69ms Fetch
application/dash+xml 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/manifest/video.mpd?parentOrigin=https%3A%2F%2Fwww.newsha.de
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0a432246706dc358c9294d5e8b8d072b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4d1c442d78bf51c8e029957c4b45f6f3c7539a5c24fc3edcd18aa94f40e8db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
server: cloudflare
vary: origin, referer, Accept-Encoding
content-type: application/dash+xml
access-control-allow-origin: *
cache-control: public, max-age=600
access-control-expose-header: cf-ray
stream-dw-version: 2022.12.6
cf-ray: 7785b5786f10bbdd-FRA
access-control-allow-headers: range

GET
H2 200 r.php Show response
api-v4.trbo.com/ 353 B
552 B 162ms
68ms Script
application/javascript 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v4.trbo.com/r.php?g=%7B%22st%22%3A0%2C%22p%22%3A%22https%3A%2F%2Fwww.newsha.de%2F%22%2C%22t%22%3A1670840231%2C%22sh%22%3A%2214003%22%2C%22u%22%3A%229221f684bfcf990fee0b68cfcc6da415%22%2C%22e%22%3Afalse%2C%22ts%22%3A0%2C%22ust%22%3A1670840231%2C%22sdt%22%3A0%2C%22sc%22%3A1%2C%22bsc%22%3A1%2C%22bv%22%3Anull%2C%22sid%22%3A1219911633%2C%22pt%22%3A4%2C%22cb%22%3A%7B%22value%22%3A0%2C%22num%22%3A0%2C%22voucher%22%3A0%2C%22p%22%3A%5B%5D%2C%22c%22%3A%5B%5D%7D%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22ct%22%3A3%2C%22cic%22%3A%5B%5D%2C%22cic2%22%3A%7B%7D%2C%22ref%22%3A%22%22%2C%22acd%22%3A0%7D&s=%5B%7B%22sst%22%3A1670840231%2C%22pvc%22%3A1%2C%22sd%22%3A0%7D%5D&p=%7B%7D&pc=%7B%7D&sp=%7B%7D&cp=%5B%5D&nbp=%7B%7D&c=%7B%7D&mc=%5B%5D&b=%7B%7D&m=%5B%5D&bl=%5B%5D&dl=%7B%22LS%22%3A%22n%2Fa%22%2C%22override_segment_id%22%3A-1%2C%22override_segment_ids%22%3A-1%2C%22trbo_module_blacklist%22%3A%5B%5D%7D&seg=%7B%7D&se=%7B%7D&cds=%5B%5D&dd=%7B%22type%22%3A%22desktop%22%2C%22device%22%3A%22desktop%22%2C%22os%22%3A%22windows%22%2C%22isTouch%22%3Afalse%7D&_=1670840231452
Requested by: Host: static.trbo.com
URL: https://static.trbo.com/plugin/trbo_14003_b35e14902ac0f3fb2951dd817cb49054.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 51120e0ea1e3c5b03041054f7901514ed3a901ab112cda7cc30a1ba0ad6fa547

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 10:17:11 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: POST, GET, OPTIONS
cache-control: no-cache, no-store, must-revalidate
x-robots-tag: noindex
access-control-allow-headers: Content-Type

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 35ms
17ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=809928873293248&ev=Microdata&dl=https%3A%2F%2Fwww.newsha.de%2F&rl=&if=false&ts=1670840231774&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Exklusive%20Haarpflege-%20%26%20Stylingprodukte%20%7C%20NEWSHA%22%2C%22meta%3Adescription%22%3A%22Beste%20Haarpflege%20und%20mehr%20%E2%87%92%20Edle%20Duftnoten%2C%20hochwertige%20%26%20nat%C3%BCrliche%20Inhaltsstoffe%20%E2%9C%93%20Vegan%20%E2%99%A1%20Tierversuchsfrei%20%3E%3E%20Jetzt%20entdecken!%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Exklusive%20Haarpflege-%20%26%20Stylingprodukte%20%7C%20NEWSHA%22%2C%22og%3Adescription%22%3A%22Beste%20Haarpflege%20und%20mehr%20%E2%87%92%20Edle%20Duftnoten%2C%20hochwertige%20%26%20nat%C3%BCrliche%20Inhaltsstoffe%20%E2%9C%93%20Vegan%20%E2%99%A1%20Tierversuchsfrei%20%3E%3E%20Jetzt%20entdecken!%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.newsha.de%22%2C%22og%3Asite_name%22%3A%22Newsha%20-%20Private%20Haircare%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fwww.newsha.de%2F%22%2C%22name%22%3A%22Newsha%20-%20Private%20Haircare%22%7D%2C%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%2F%22%2C%22%40type%22%3A%22WebPage%22%2C%22speakable%22%3A%7B%22%40type%22%3A%22SpeakableSpecification%22%2C%22cssSelector%22%3A%5B%22.cms-content%22%5D%2C%22xpath%22%3A%5B%22%2Fhtml%2Fhead%2Ftitle%22%5D%7D%7D%2C%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fwww.newsha.de%2F%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.newsha.de%2Fcatalogsearch%2Fresult%2Findex%2F%3Fq%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=magento2-2.3.5-p1-1.4.2&ec=1&o=30&fbp=fb.1.1670840231217.783807740&it=1670840230922&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 video.mpd Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/manifest/ Frame EF1E 7 KB
7 KB 102ms
102ms Fetch
application/dash+xml 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/manifest/video.mpd?parentOrigin=https%3A%2F%2Fwww.newsha.de
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=7c81f1b42be4c41221936234413ef2ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70973d6498cb3403773c14c9ce5d8a60989b5fa227a168dcfc84e4e0293bf073

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
server: cloudflare
vary: origin, referer, Accept-Encoding
content-type: application/dash+xml
access-control-allow-origin: *
cache-control: public, max-age=600
access-control-expose-header: cf-ray
stream-dw-version: 2022.12.6
cf-ray: 7785b5789f59bbdd-FRA
access-control-allow-headers: range

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 43ms
42ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=606965958&t=pageview&cu=EUR&_s=1&dl=https%3A%2F%2Fwww.newsha.de%2F&ul=en-us&de=UTF-8&dt=Exklusive%20Haarpflege-%20%26%20Stylingprodukte%20%7C%20NEWSHA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAAUIhAAAAACAAI~&jid=918217802&gjid=2052881830&cid=1322615961.1670840231&tid=UA-173925650-3&_gid=1667211784.1670840231&_r=1&gtm=2oubu0&cd1=NOT%20LOGGED%20IN&z=1294796025

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsha.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 10:17:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsha.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame F901
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=newsha.de&sn=ChromeSyncframe&so=0&topUrl=www.newsha.de&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=HMgaKXxCRzdJR0s3TDNEdmhtd1ltazk0a05KdmJMTXlwdTI2SHB1VU9NMG1yc2d6S1YxdHdyTW5ocXQ4eFZGdDZBRHptczJPbFdjZHhWNmswbUtLUVJDcTZic2JETm9xaUtxZ1lOOFBiaE1IMDgxN2pLaFB2dElJeFF5Zn...

439 B
658 B

75ms
18ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=HMgaKXxCRzdJR0s3TDNEdmhtd1ltazk0a05KdmJMTXlwdTI2SHB1VU9NMG1yc2d6S1YxdHdyTW5ocXQ4eFZGdDZBRHptczJPbFdjZHhWNmswbUtLUVJDcTZic2JETm9xaUtxZ1lOOFBiaE1IMDgxN2pLaFB2dElJeFF5ZnlDc3dUYzR6bU5OYWRkcXgxUDNLa09KZVdpdFdxZlZrc1ROU3NIOWVpU1RmaXhtU1NoMFlxc2lQSUFYZW0vTWhoQ20zRE9zeXppdTZnaEYrU2NzQ2lRUVE4UmorbUwyelJON050VXJTMG5hSkhZVlc2VnA3d3kyQmFHQjhNY21NZGlCbXVlSlJseEpnMWtMbGRjemxvQ0NCbmFoaXlOZz09fA&cppv=2

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ccce63dfc1efedb0def9a6cd7f9ec29cd6a51e839ab225200f93f886cbcfbaf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 10:17:11 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2796595
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 10:17:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=HMgaKXxCRzdJR0s3TDNEdmhtd1ltazk0a05KdmJMTXlwdTI2SHB1VU9NMG1yc2d6S1YxdHdyTW5ocXQ4eFZGdDZBRHptczJPbFdjZHhWNmswbUtLUVJDcTZic2JETm9xaUtxZ1lOOFBiaE1IMDgxN2pLaFB2dElJeFF5ZnlDc3dUYzR6bU5OYWRkcXgxUDNLa09KZVdpdFdxZlZrc1ROU3NIOWVpU1RmaXhtU1NoMFlxc2lQSUFYZW0vTWhoQ20zRE9zeXppdTZnaEYrU2NzQ2lRUVE4UmorbUwyelJON050VXJTMG5hSkhZVlc2VnA3d3kyQmFHQjhNY21NZGlCbXVlSlJseEpnMWtMbGRjemxvQ0NCbmFoaXlOZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 695281
content-length: 0
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 66ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-173925650-3&cid=1322615961.1670840231&jid=918217802&gjid=2052881830&_gid=1667211784.1670840231&_u=6GBAAUIgAAAAACAAI~&z=793419719

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsha.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Dec 2022 10:17:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsha.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/audio/4/ Frame 81AE 765 B
1009 B 99ms
98ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/audio/4/init.mp4?p=eyJ0eXBlIjoiaW5pdCIsInZpZGVvSUQiOiIwYTQzMjI0NjcwNmRjMzU4YzkyOTRkNWU4YjhkMDcyYiIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJ1c2VWT0RPVEZFIjp0cnVlLCJ0cmFjayI6IjYzOGUzNDE5Zjc3NGY5YmFjOWZiNWVmN2Q1NTBmNWQzIiwicmVuZGl0aW9uIjoiMTg3ODU4MDc5IiwibXV4aW5nIjoiMjM4NDgyODA5In0&s=JxrCv8Krw6_Cu27DgQTDmkDDl2fCo8OyVsOeXkpPw7_DphlIQsOmw6TDjcOmw4nCt8K_
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0a432246706dc358c9294d5e8b8d072b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 009ee8f14f4f7695fc9ba695ef822ef1bbc9a378c3b9030db55bbee416fe3910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
cf-cache-status: HIT
age: 1337383
stream-dw-version: 2022.12.6
content-length: 765
last-modified: Thu, 23 Jun 2022 08:26:13 GMT
server: cloudflare
etag: "f1b2a996dcdbf9cb781c3d705074a1f3"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b578f82ebbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Thu, 10 Nov 2022 20:57:00 GMT

GET
H2 200 init.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/video/720/ Frame 81AE 830 B
977 B 102ms
102ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/video/720/init.mp4?p=eyJ0eXBlIjoiaW5pdCIsInZpZGVvSUQiOiIwYTQzMjI0NjcwNmRjMzU4YzkyOTRkNWU4YjhkMDcyYiIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJ1c2VWT0RPVEZFIjp0cnVlLCJ0cmFjayI6IjM5NzA2YmYyNDNjNDQ5MzIwZDNiZDYzODg3MjA3MzNiIiwicmVuZGl0aW9uIjoiMTg3ODU4MDk5IiwibXV4aW5nIjoiMjM4NDgyODI5In0&s=L8Kxe2YbwpR7w5FIwpHDlELCmsKAwq5cwp41dwInwq4EPlR4wpbCgcOswrPDgcKZ
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0a432246706dc358c9294d5e8b8d072b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9bcb12288161d904240cc3df0d9d273cb86fd6c83c8f331c6e9d54e6a4e28e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
cf-cache-status: HIT
age: 1254037
stream-dw-version: 2022.12.6
content-length: 830
last-modified: Thu, 23 Jun 2022 08:26:21 GMT
server: cloudflare
etag: "d0b5a798600976f7b72ff4da1f851424"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b578f830bbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Mon, 07 Nov 2022 17:48:37 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame 4764 52 KB
24 KB 112ms
39ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff7TQbAAAAAA-CdCZjLoKFpGXCnHO-CcE_9vuV&co=aHR0cHM6Ly93d3cubmV3c2hhLmRlOjQ0Mw..&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&badge=inline&cb=23drlktcy7yd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 09:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Dec 2023 09:55:09 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame 4764 403 KB
161 KB 109ms
36ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d64e243770a7345b699907f77f5e6789584278786ffa215802150dab0ee1d7a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 05:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164801
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 05:01:35 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 47ms
47ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-173925650-3&cid=1322615961.1670840231&jid=918217802&_u=6GBAAUIgAAAAACAAI~&z=57011629

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 10:17:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 146ms
53ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-173925650-3&cid=1322615961.1670840231&jid=918217802&_u=6GBAAUIgAAAAACAAI~&z=57011629

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 10:17:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/audio/4/ Frame EF1E 765 B
876 B 78ms
78ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/audio/4/init.mp4?p=eyJ0eXBlIjoiaW5pdCIsInZpZGVvSUQiOiI3YzgxZjFiNDJiZTRjNDEyMjE5MzYyMzQ0MTNlZjJhYyIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJ1c2VWT0RPVEZFIjp0cnVlLCJ0cmFjayI6IjUyYTA4MmRhNWFhMDY3MjkwNGI0NDRiYmJmZjE0ZDY1IiwicmVuZGl0aW9uIjoiMTg5MjU0MzEwIiwibXV4aW5nIjoiMjM5ODc5MDUwIn0&s=IMOSNcK0b2tPwrPCmcK0GHTDu8K4FcOGwrUYdsKGwrYvwpzChyhRDyrDrH1ew70
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=7c81f1b42be4c41221936234413ef2ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 009ee8f14f4f7695fc9ba695ef822ef1bbc9a378c3b9030db55bbee416fe3910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
cf-cache-status: HIT
age: 1337383
stream-dw-version: 2022.12.6
content-length: 765
last-modified: Mon, 27 Jun 2022 08:02:15 GMT
server: cloudflare
etag: "f1b2a996dcdbf9cb781c3d705074a1f3"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b57968f4bbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Tue, 01 Nov 2022 05:06:21 GMT

GET
H2 200 init.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/video/1080/ Frame EF1E 832 B
1 KB 135ms
135ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/video/1080/init.mp4?p=eyJ0eXBlIjoiaW5pdCIsInZpZGVvSUQiOiI3YzgxZjFiNDJiZTRjNDEyMjE5MzYyMzQ0MTNlZjJhYyIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJ1c2VWT0RPVEZFIjp0cnVlLCJ0cmFjayI6IjRmZGYwYTMzNTQ0NmI1NGRjODMxNjBlMjIyMzZjNzdkIiwicmVuZGl0aW9uIjoiMTg5MjU0Mjk4IiwibXV4aW5nIjoiMjM5ODc5MDM4In0&s=RcORVXMiaC7CkXNndMKXwoTCnW3DnyDDs8K0wqFYN3nCqR_CjcO6w6pMLcO3w54
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=7c81f1b42be4c41221936234413ef2ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e28dde2ff11782b6bc97c5ae5126ef4776c902a6bec5aa2ce60e3c9564064d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
cf-cache-status: HIT
age: 1337384
stream-dw-version: 2022.12.6
content-length: 832
last-modified: Mon, 27 Jun 2022 08:02:13 GMT
server: cloudflare
etag: "a54bc1ecffc6c7a1f4b846b2aaac17a5"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b57968f6bbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Fri, 01 Jul 2022 14:47:57 GMT

GET
H2 200 seg_1.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/audio/4/ Frame 81AE 2 KB
2 KB 104ms
104ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/audio/4/seg_1.mp4?p=eyJ0eXBlIjoic2VnbWVudCIsInZpZGVvSUQiOiIwYTQzMjI0NjcwNmRjMzU4YzkyOTRkNWU4YjhkMDcyYiIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJzZWdtZW50RHVyYXRpb25TZWNzIjo0LjAwNTMzMzMzMzMzMzMzLCJ1c2VWT0RPVEZFIjp0cnVlLCJ0cmFjayI6IjYzOGUzNDE5Zjc3NGY5YmFjOWZiNWVmN2Q1NTBmNWQzIiwicmVuZGl0aW9uIjoiMTg3ODU4MDc5IiwibXV4aW5nIjoiMjM4NDgyODA5In0&s=KcKXV8KAZAhJCELCqcKDw6pTYcKTwpXDslI_AUrCgcKWwrlKw4kcwpPDik9ALg
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0a432246706dc358c9294d5e8b8d072b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70cce38ac8e3bbba89beb9cba6cadc24e495a5131bab9dc815af702121effa86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
cf-cache-status: HIT
age: 1254038
stream-dw-version: 2022.12.6
content-length: 2082
last-modified: Thu, 23 Jun 2022 08:26:13 GMT
server: cloudflare
etag: "2165503b535744a27bd820f1e8ff07de"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b5799947bbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Thu, 10 Nov 2022 21:45:18 GMT

GET
H2 200 seg_1.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/video/720/ Frame 81AE 1 MB
1 MB 102ms
102ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/video/720/seg_1.mp4?p=eyJ0eXBlIjoic2VnbWVudCIsInZpZGVvSUQiOiIwYTQzMjI0NjcwNmRjMzU4YzkyOTRkNWU4YjhkMDcyYiIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJzZWdtZW50RHVyYXRpb25TZWNzIjo0LjAwNCwidXNlVk9ET1RGRSI6dHJ1ZSwidHJhY2siOiIzOTcwNmJmMjQzYzQ0OTMyMGQzYmQ2Mzg4NzIwNzMzYiIsInJlbmRpdGlvbiI6IjE4Nzg1ODA5OSIsIm11eGluZyI6IjIzODQ4MjgyOSJ9&s=JHvCgjnDvMOuKDxowpDDqw_Dh8KxwpjDlWhYYinDlHnCjMOVGcKVXRHCvSIbw4c
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0a432246706dc358c9294d5e8b8d072b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29199928972257f07bd631c7b3c34648ec8b574795d9356ecff357ec6841374

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
cf-cache-status: HIT
age: 1337384
stream-dw-version: 2022.12.6
content-length: 1198437
last-modified: Thu, 23 Jun 2022 08:26:19 GMT
server: cloudflare
etag: "0fce5362fcd46aa701df71264e08097f"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b579a954bbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Fri, 01 Jul 2022 14:47:57 GMT

GET
H2 200 seg_1.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/audio/4/ Frame EF1E 2 KB
2 KB 76ms
75ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/audio/4/seg_1.mp4?p=eyJ0eXBlIjoic2VnbWVudCIsInZpZGVvSUQiOiI3YzgxZjFiNDJiZTRjNDEyMjE5MzYyMzQ0MTNlZjJhYyIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJzZWdtZW50RHVyYXRpb25TZWNzIjo0LjAwNTMzMzMzMzMzMzMzLCJ1c2VWT0RPVEZFIjp0cnVlLCJ0cmFjayI6IjUyYTA4MmRhNWFhMDY3MjkwNGI0NDRiYmJmZjE0ZDY1IiwicmVuZGl0aW9uIjoiMTg5MjU0MzEwIiwibXV4aW5nIjoiMjM5ODc5MDUwIn0&s=cMOQw6bDhsORH2Fqw4LDvsOec8KRwo7DksOswo7Ck3JKByLDh8ONbGPCg8KEOMKgWkI
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=7c81f1b42be4c41221936234413ef2ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70cce38ac8e3bbba89beb9cba6cadc24e495a5131bab9dc815af702121effa86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
cf-cache-status: HIT
age: 1337384
stream-dw-version: 2022.12.6
content-length: 2082
last-modified: Mon, 27 Jun 2022 08:02:02 GMT
server: cloudflare
etag: "2165503b535744a27bd820f1e8ff07de"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b579e9cbbbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Fri, 01 Jul 2022 14:46:48 GMT

GET
H2 200 seg_1.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/video/1080/ Frame EF1E 1 MB
1 MB 118ms
118ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/video/1080/seg_1.mp4?p=eyJ0eXBlIjoic2VnbWVudCIsInZpZGVvSUQiOiI3YzgxZjFiNDJiZTRjNDEyMjE5MzYyMzQ0MTNlZjJhYyIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJzZWdtZW50RHVyYXRpb25TZWNzIjo0LjAwNCwidXNlVk9ET1RGRSI6dHJ1ZSwidHJhY2siOiI0ZmRmMGEzMzU0NDZiNTRkYzgzMTYwZTIyMjM2Yzc3ZCIsInJlbmRpdGlvbiI6IjE4OTI1NDI5OCIsIm11eGluZyI6IjIzOTg3OTAzOCJ9&s=w4XCg3A5ZMONfQZZNBd6LFUrwp58ZsKOw4A1wrEsw4zCu8OvZyvClsKRBsKM
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=7c81f1b42be4c41221936234413ef2ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8432d08d31bda39f6280ea6cc799654baabcfdc4bb5f87fd1842af3ae5f3c0fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
cf-cache-status: HIT
age: 1254038
stream-dw-version: 2022.12.6
content-length: 1235466
last-modified: Mon, 27 Jun 2022 08:02:11 GMT
server: cloudflare
etag: "441b27e1b3ea68633df128c244844e19"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b57a3a7fbbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Tue, 01 Nov 2022 05:06:21 GMT

GET
DATA 200
OK truncated
/ 193 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38b68726937bb190e35fb2dcd662944ee76166d11ccd5006aef4d6e6f6ae86ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 counters.gif
forms-eu1.hsforms.com/embed/v3/ 35 B
192 B 346ms
44ms Image
image/gif 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: d58a2a1c-1754-475f-bb8c-d1098c3258f7
x-trace: 2B442D710CC0BC41309C9DB34E2E1F6FA827427501000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7785b57cdb97bbd7-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4764 2 KB
2 KB 47ms
46ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 311823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 15 Dec 2022 19:40:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4764 15 KB
16 KB 116ms
36ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 19:21:27 GMT
x-content-type-options: nosniff
age: 485745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 19:21:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4764 15 KB
15 KB 125ms
45ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 487044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 06 Dec 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4764 102 B
134 B 46ms
45ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d4dc0c66eadd4b3167ccb395964b88ea5717313ab053efc1618af0064cb7f3fd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff7TQbAAAAAA-CdCZjLoKFpGXCnHO-CcE_9vuV&co=aHR0cHM6Ly93d3cubmV3c2hhLmRlOjQ0Mw..&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&badge=inline&cb=23drlktcy7yd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 12 Dec 2022 10:17:12 GMT

GET
H2

204

media
customer-2so3acq3hzsb0mrj.cloudflarestream.com/cdn-cgi/beacon/ Frame 81AE
Redirect Chain

https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/beacon/media?m=eyJ0ciI6eyJyIjoxLCJsIjowLCJ0IjowLCJkIjowLCJzeiI6MCwidiI6IjBhNDMyMjQ2NzA2ZGMzNThjOTI5NGQ1ZThiOGQwNzJiIiwidnAiOjEsInB2IjowLCJwaCI...
https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/cdn-cgi/beacon/media?m=eyJ0ciI6eyJyIjoxLCJsIjowLCJ0IjowLCJkIjowLCJzeiI6MCwidiI6IjBhNDMyMjQ2NzA2ZGMzNThjOTI5NGQ1ZThiOGQwNzJiIiwidnAiOjEsInB2Ijo...

0
55 B

9ms
9ms

Image
text/plain

2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/cdn-cgi/beacon/media?m=eyJ0ciI6eyJyIjoxLCJsIjowLCJ0IjowLCJkIjowLCJzeiI6MCwidiI6IjBhNDMyMjQ2NzA2ZGMzNThjOTI5NGQ1ZThiOGQwNzJiIiwidnAiOjEsInB2IjowLCJwaCI6MCwidmVycyI6IjVkNWM0NWQiLCJpIjoiZTAzNjRjMGI4YTM3NGMxMjg4OTNjZTkyOGYxZDlhMjYiLCJpbnQiOnsidHdxYiI6MCwidHdxciI6MH0sInNlcSI6MX0sImJldiI6W10sInFldiI6W10sInNldiI6W10sImwiOjAsImIiOjAsInQiOjAsImQiOjAsInN6IjowLCJ2IjoiMGE0MzIyNDY3MDZkYzM1OGM5Mjk0ZDVlOGI4ZDA3MmIiLCJpIjoiZTAzNjRjMGI4YTM3NGMxMjg4OTNjZTkyOGYxZDlhMjYiLCJjYnIiOjAsImNyIjowLCJ2cCI6MSwidmVycyI6IjVkNWM0NWQiLCJyIjoxLCJyZXFfaWQiOiI0Yzk3MTBjNS0xZThiLTRlYmEtODFhYi1lMGY2ZGExNjJlOWIiLCJfdHMiOiIxNjcwODQwMjMyMjkzIn0%3D&cs=VGhlIENsb3VkZmxhcmUgU3RyZWFtIHRlYW0gaXMgaGlyaW5nISBFbWFpbCByZW5hbkBjbG91ZGZsYXJlLmNvbQ%3D%3D&req_id=4c9710c5-1e8b-4eba-81ab-e0f6da162e9b&_ts=1670840232293&l=0&b=0&t=0&d=0&sz=0&v=0a432246706dc358c9294d5e8b8d072b&i=e0364c0b8a374c128893ce928f1d9a26&cbr=0&cr=0&vp=1&vers=5d5c45d&r=1&_a=27794735

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Server

2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7785b57c6f5abbdd-FRA
x-frame-options: DENY

Redirect headers

location: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/cdn-cgi/beacon/media?m=eyJ0ciI6eyJyIjoxLCJsIjowLCJ0IjowLCJkIjowLCJzeiI6MCwidiI6IjBhNDMyMjQ2NzA2ZGMzNThjOTI5NGQ1ZThiOGQwNzJiIiwidnAiOjEsInB2IjowLCJwaCI6MCwidmVycyI6IjVkNWM0NWQiLCJpIjoiZTAzNjRjMGI4YTM3NGMxMjg4OTNjZTkyOGYxZDlhMjYiLCJpbnQiOnsidHdxYiI6MCwidHdxciI6MH0sInNlcSI6MX0sImJldiI6W10sInFldiI6W10sInNldiI6W10sImwiOjAsImIiOjAsInQiOjAsImQiOjAsInN6IjowLCJ2IjoiMGE0MzIyNDY3MDZkYzM1OGM5Mjk0ZDVlOGI4ZDA3MmIiLCJpIjoiZTAzNjRjMGI4YTM3NGMxMjg4OTNjZTkyOGYxZDlhMjYiLCJjYnIiOjAsImNyIjowLCJ2cCI6MSwidmVycyI6IjVkNWM0NWQiLCJyIjoxLCJyZXFfaWQiOiI0Yzk3MTBjNS0xZThiLTRlYmEtODFhYi1lMGY2ZGExNjJlOWIiLCJfdHMiOiIxNjcwODQwMjMyMjkzIn0%3D&cs=VGhlIENsb3VkZmxhcmUgU3RyZWFtIHRlYW0gaXMgaGlyaW5nISBFbWFpbCByZW5hbkBjbG91ZGZsYXJlLmNvbQ%3D%3D&req_id=4c9710c5-1e8b-4eba-81ab-e0f6da162e9b&_ts=1670840232293&l=0&b=0&t=0&d=0&sz=0&v=0a432246706dc358c9294d5e8b8d072b&i=e0364c0b8a374c128893ce928f1d9a26&cbr=0&cr=0&vp=1&vers=5d5c45d&r=1&_a=27794735
date: Mon, 12 Dec 2022 10:17:12 GMT
server: cloudflare
cf-ray: 7785b57bde40bbdd-FRA
content-length: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8

GET
H2 200 seg_2.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/video/720/ Frame 81AE 1 MB
1 MB 95ms
95ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/video/720/seg_2.mp4?p=eyJ0eXBlIjoic2VnbWVudCIsInZpZGVvSUQiOiIwYTQzMjI0NjcwNmRjMzU4YzkyOTRkNWU4YjhkMDcyYiIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJzZWdtZW50RHVyYXRpb25TZWNzIjo0LjAwNCwidXNlVk9ET1RGRSI6dHJ1ZSwidHJhY2siOiIzOTcwNmJmMjQzYzQ0OTMyMGQzYmQ2Mzg4NzIwNzMzYiIsInJlbmRpdGlvbiI6IjE4Nzg1ODA5OSIsIm11eGluZyI6IjIzODQ4MjgyOSJ9&s=JHvCgjnDvMOuKDxowpDDqw_Dh8KxwpjDlWhYYinDlHnCjMOVGcKVXRHCvSIbw4c
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0a432246706dc358c9294d5e8b8d072b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9e7831cd5fbb95fa0a0ba8816be736fea99ad78008d7c1ad101987f6b4b77d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
cf-cache-status: HIT
age: 1337384
stream-dw-version: 2022.12.6
content-length: 1232325
last-modified: Thu, 23 Jun 2022 08:26:20 GMT
server: cloudflare
etag: "c8d36c43fa0bc99d75e97f5f8d78aa8d"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b57bee5dbbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Tue, 01 Nov 2022 05:06:21 GMT

GET
H2 200 seg_2.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/video/1080/ Frame EF1E 1 MB
1 MB 154ms
154ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/video/1080/seg_2.mp4?p=eyJ0eXBlIjoic2VnbWVudCIsInZpZGVvSUQiOiI3YzgxZjFiNDJiZTRjNDEyMjE5MzYyMzQ0MTNlZjJhYyIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJzZWdtZW50RHVyYXRpb25TZWNzIjo0LjAwNCwidXNlVk9ET1RGRSI6dHJ1ZSwidHJhY2siOiI0ZmRmMGEzMzU0NDZiNTRkYzgzMTYwZTIyMjM2Yzc3ZCIsInJlbmRpdGlvbiI6IjE4OTI1NDI5OCIsIm11eGluZyI6IjIzOTg3OTAzOCJ9&s=w4XCg3A5ZMONfQZZNBd6LFUrwp58ZsKOw4A1wrEsw4zCu8OvZyvClsKRBsKM
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=7c81f1b42be4c41221936234413ef2ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6e8a3d35675548b0b291a7fab3d95bbade8afcc6a611b4a6b2fee7d639a4928

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
cf-cache-status: HIT
age: 1337384
stream-dw-version: 2022.12.6
content-length: 1163422
last-modified: Mon, 27 Jun 2022 08:02:12 GMT
server: cloudflare
etag: "58cfa901f39f3a2d29317a4fca61b468"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b57bee5fbbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Thu, 06 Oct 2022 09:12:57 GMT

GET
H2

204

media
customer-2so3acq3hzsb0mrj.cloudflarestream.com/cdn-cgi/beacon/ Frame EF1E
Redirect Chain

https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/beacon/media?m=eyJ0ciI6eyJyIjoxLCJsIjowLCJ0IjoxLCJkIjowLCJzeiI6MCwidiI6IjdjODFmMWI0MmJlNGM0MTIyMTkzNjIzNDQxM2VmMmFjIiwidnAiOjEsInB2IjowLCJwaCI...
https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/cdn-cgi/beacon/media?m=eyJ0ciI6eyJyIjoxLCJsIjowLCJ0IjoxLCJkIjowLCJzeiI6MCwidiI6IjdjODFmMWI0MmJlNGM0MTIyMTkzNjIzNDQxM2VmMmFjIiwidnAiOjEsInB2Ijo...

0
72 B

11ms
11ms

Image
text/plain

2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/cdn-cgi/beacon/media?m=eyJ0ciI6eyJyIjoxLCJsIjowLCJ0IjoxLCJkIjowLCJzeiI6MCwidiI6IjdjODFmMWI0MmJlNGM0MTIyMTkzNjIzNDQxM2VmMmFjIiwidnAiOjEsInB2IjowLCJwaCI6MCwidmVycyI6IjVkNWM0NWQiLCJpIjoiZWEwMjBkY2ZhZTU5NDVmN2JhMWU2N2M1M2U1YmNkMTYiLCJpbnQiOnsidHdxYiI6MCwidHdxciI6MH0sInNlcSI6MX0sImJldiI6W10sInFldiI6W10sInNldiI6W10sImwiOjAsImIiOjAsInQiOjEsImQiOjAsInN6IjowLCJ2IjoiN2M4MWYxYjQyYmU0YzQxMjIxOTM2MjM0NDEzZWYyYWMiLCJpIjoiZWEwMjBkY2ZhZTU5NDVmN2JhMWU2N2M1M2U1YmNkMTYiLCJjYnIiOjAsImNyIjowLCJ2cCI6MSwidmVycyI6IjVkNWM0NWQiLCJyIjoxLCJyZXFfaWQiOiJlMjdjM2ViOC1hMDZjLTRmY2MtOTJhYS03N2MwMDRiMjgyNWIiLCJfdHMiOiIxNjcwODQwMjMyMzA5In0%3D&cs=VGhlIENsb3VkZmxhcmUgU3RyZWFtIHRlYW0gaXMgaGlyaW5nISBFbWFpbCByZW5hbkBjbG91ZGZsYXJlLmNvbQ%3D%3D&req_id=e27c3eb8-a06c-4fcc-92aa-77c004b2825b&_ts=1670840232309&l=0&b=0&t=1&d=0&sz=0&v=7c81f1b42be4c41221936234413ef2ac&i=ea020dcfae5945f7ba1e67c53e5bcd16&cbr=0&cr=0&vp=1&vers=5d5c45d&r=1&_a=27794735

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Server

2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7785b57c2ee3bbdd-FRA
x-frame-options: DENY

Redirect headers

location: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/cdn-cgi/beacon/media?m=eyJ0ciI6eyJyIjoxLCJsIjowLCJ0IjoxLCJkIjowLCJzeiI6MCwidiI6IjdjODFmMWI0MmJlNGM0MTIyMTkzNjIzNDQxM2VmMmFjIiwidnAiOjEsInB2IjowLCJwaCI6MCwidmVycyI6IjVkNWM0NWQiLCJpIjoiZWEwMjBkY2ZhZTU5NDVmN2JhMWU2N2M1M2U1YmNkMTYiLCJpbnQiOnsidHdxYiI6MCwidHdxciI6MH0sInNlcSI6MX0sImJldiI6W10sInFldiI6W10sInNldiI6W10sImwiOjAsImIiOjAsInQiOjEsImQiOjAsInN6IjowLCJ2IjoiN2M4MWYxYjQyYmU0YzQxMjIxOTM2MjM0NDEzZWYyYWMiLCJpIjoiZWEwMjBkY2ZhZTU5NDVmN2JhMWU2N2M1M2U1YmNkMTYiLCJjYnIiOjAsImNyIjowLCJ2cCI6MSwidmVycyI6IjVkNWM0NWQiLCJyIjoxLCJyZXFfaWQiOiJlMjdjM2ViOC1hMDZjLTRmY2MtOTJhYS03N2MwMDRiMjgyNWIiLCJfdHMiOiIxNjcwODQwMjMyMzA5In0%3D&cs=VGhlIENsb3VkZmxhcmUgU3RyZWFtIHRlYW0gaXMgaGlyaW5nISBFbWFpbCByZW5hbkBjbG91ZGZsYXJlLmNvbQ%3D%3D&req_id=e27c3eb8-a06c-4fcc-92aa-77c004b2825b&_ts=1670840232309&l=0&b=0&t=1&d=0&sz=0&v=7c81f1b42be4c41221936234413ef2ac&i=ea020dcfae5945f7ba1e67c53e5bcd16&cbr=0&cr=0&vp=1&vers=5d5c45d&r=1&_a=27794735
date: Mon, 12 Dec 2022 10:17:12 GMT
server: cloudflare
cf-ray: 7785b57bee6dbbdd-FRA
content-length: 0
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
35ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=606965958&t=event&cu=EUR&_s=2&dl=https%3A%2F%2Fwww.newsha.de%2F&ul=en-us&de=UTF-8&dt=Exklusive%20Haarpflege-%20%26%20Stylingprodukte%20%7C%20NEWSHA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=Profitable%20Engagement&el=Custom%20Dimensions%20%26%20Metric&_u=6GBAAUIhAAAAACAAI~&jid=&gjid=&cid=1322615961.1670840231&tid=UA-173925650-3&_gid=1667211784.1670840231&gtm=2oubu0&cd1=NOT%20LOGGED%20IN&z=78243868

Requested by

Host: www.newsha.de
URL: https://www.newsha.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 27281
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 seg_3.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/video/720/ Frame 81AE 910 KB
911 KB 109ms
109ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/video/720/seg_3.mp4?p=eyJ0eXBlIjoic2VnbWVudCIsInZpZGVvSUQiOiIwYTQzMjI0NjcwNmRjMzU4YzkyOTRkNWU4YjhkMDcyYiIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJzZWdtZW50RHVyYXRpb25TZWNzIjo0LjAwNCwidXNlVk9ET1RGRSI6dHJ1ZSwidHJhY2siOiIzOTcwNmJmMjQzYzQ0OTMyMGQzYmQ2Mzg4NzIwNzMzYiIsInJlbmRpdGlvbiI6IjE4Nzg1ODA5OSIsIm11eGluZyI6IjIzODQ4MjgyOSJ9&s=JHvCgjnDvMOuKDxowpDDqw_Dh8KxwpjDlWhYYinDlHnCjMOVGcKVXRHCvSIbw4c
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0a432246706dc358c9294d5e8b8d072b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 011ec2ab9ac57b3f9b7c3cce969c2601375a7db976f13c5cad124e62ad2780fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
cf-cache-status: HIT
age: 1254037
stream-dw-version: 2022.12.6
content-length: 932007
last-modified: Thu, 23 Jun 2022 08:26:21 GMT
server: cloudflare
etag: "500fe45d256f8d6f266af10806af6d42"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b57cf88abbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Thu, 13 Oct 2022 05:41:29 GMT

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
922 B 112ms
64ms Image
image/gif 172.65.240.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1375660896&v=1.1&a=26056322&rcu=https%3A%2F%2Fwww.newsha.de%2F&pu=https%3A%2F%2Fwww.newsha.de%2F&t=Exklusive+Haarpflege-+%26+Stylingprodukte+%7C+NEWSHA&cts=1670840232506&vi=c21192a2e0102bd60e53a1a510fedadd&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: df7aa6fc-2205-4853-97e5-4a743b7ecd3c
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
last-modified: Mon, 12 Dec 2022 10:17:12 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ww%2FtsOEl8LZBFDjsNI9X8BV%2FvlpwaMU1VeUsYhMq%2F4T4MRGd01uogP98axb8KGahMab7TP2O%2BEeKgKbFi4jDOJEg2OMYm7FYxr7mgcuZTjmrTNl%2BhJu%2B5bwZ7NAmRRVZWlOjA5A2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 7785b57d7cfbbb7a-FRA
x-robots-tag: none

GET
H2 200 trustbadge.js Show response
widgets.trustedshops.com/assets/ 279 KB
76 KB 18ms
18ms Script
application/javascript 108.156.60.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.trustedshops.com/assets/trustbadge.js
Requested by: Host: widgets.trustedshops.com
URL: https://widgets.trustedshops.com/js/X0592FFD55BF6F6DF23B08388D9D5DB06.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-5.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b423918639702601651f0ae398269f64c6a8f0cf2da7f3715f43988bf3bd7869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 09:29:27 GMT
content-encoding: gzip
via: 1.1 76a2ca53c94ecdb2669e24612a611a48.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 13:43:56 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 2866
etag: W/"e4b54a7cf2e70224be109de713bf6141"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: y4BcY9IGJ6s9iaaMNX8xQDvEC_RFT46Y1gX99vveIRMwDQcwxHQhrw==

GET
H2 200 event Show response
sslwidget.criteo.com/ 8 KB
4 KB 68ms
31ms Script
application/x-javascript 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=96222&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=OVJ-e18wcllBVDY2RWdEM1RFbWpkR283WDN3ellvJTJCNTJpbzYwZENnMzQyYVBzMlpUZXltUlM0Y1pkVXd0b2oxdVVJRHQ4U1BrWXBZVmR5NWNCb2tyYk12OTFGWE1oSW5kaiUyRnVyUFJhZDFydE84b29TT0JNNXolMkIlMkI2d3UlMkJSN2Vlb2draGZpUmRXVHJHTFdjakFNb2UlMkZXOXVnJTJCUSUzRCUzRA&tld=newsha.de&dy=1&fu=https%253A%252F%252Fwww.newsha.de%252F&dtycbr=43995

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=96222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

73961dbd29897683c125e7f8d1f1d3182e4d7183831332ecb0015d476fbd64ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 10:17:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 14960482
timing-allow-origin: *
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 43ms
43ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=606965958&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.newsha.de%2F&ul=en-us&de=UTF-8&dt=Exklusive%20Haarpflege-%20%26%20Stylingprodukte%20%7C%20NEWSHA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scrolltracking&ea=10&el=%2F&_u=6GDAAUIhAAAAACAAI~&jid=1058801822&gjid=1831622612&cid=1322615961.1670840231&tid=UA-173925650-3&_gid=1667211784.1670840231&_r=1&gtm=2wgbu0T6TGVWJ&z=1376720997

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsha.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 10:17:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsha.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6TGVWJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 09:24:40 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3152
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 12 Dec 2022 11:24:40 GMT

GET
H2 200 seg_3.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/video/1080/ Frame EF1E 1 MB
1 MB 141ms
141ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/video/1080/seg_3.mp4?p=eyJ0eXBlIjoic2VnbWVudCIsInZpZGVvSUQiOiI3YzgxZjFiNDJiZTRjNDEyMjE5MzYyMzQ0MTNlZjJhYyIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJzZWdtZW50RHVyYXRpb25TZWNzIjo0LjAwNCwidXNlVk9ET1RGRSI6dHJ1ZSwidHJhY2siOiI0ZmRmMGEzMzU0NDZiNTRkYzgzMTYwZTIyMjM2Yzc3ZCIsInJlbmRpdGlvbiI6IjE4OTI1NDI5OCIsIm11eGluZyI6IjIzOTg3OTAzOCJ9&s=w4XCg3A5ZMONfQZZNBd6LFUrwp58ZsKOw4A1wrEsw4zCu8OvZyvClsKRBsKM
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=7c81f1b42be4c41221936234413ef2ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8776b7a3e12a10e0934ac724db4867283c1da02e645f719f76f236c2fd4b92cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
cf-cache-status: HIT
age: 1337383
stream-dw-version: 2022.12.6
content-length: 1071438
last-modified: Mon, 27 Jun 2022 08:02:13 GMT
server: cloudflare
etag: "d04eb38b961c3be8f89ac9b505ba4b67"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b57d5974bbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Mon, 17 Oct 2022 23:14:21 GMT

GET
H2 200 trustmark_120x120.png
widgets.trustedshops.com/assets/images/ 8 KB
8 KB 15ms
15ms Image
image/png 108.156.60.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.trustedshops.com/assets/images/trustmark_120x120.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-5.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45414d90709f784fcb63afe7b2827e4ebe5ebd9b94841a05629395f3943bbc2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 09:47:53 GMT
via: 1.1 76a2ca53c94ecdb2669e24612a611a48.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 13:43:56 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 1760
x-amz-server-side-encryption: AES256
etag: "d85f5c61a2d1e39cf0301c6a0779fc61"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 8208
x-amz-cf-id: d48nHwRjd37oGbHckEjKp4fgB-N8krTaTOjb7kJpsCd3TWvMaCxGgA==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-173925650-3&cid=1322615961.1670840231&jid=1058801822&gjid=1831622612&_gid=1667211784.1670840231&_u=6GDAAUIhAAAAACAAI~&z=94994351

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsha.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Dec 2022 10:17:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsha.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame F73F
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-iM2pimVUWiox0khS_lq1bXZGCP_Nuh9eeouuzg&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-iM2pimVUWiox0khS_lq1bXZGCP_Nuh9eeouuzg&expires=30

43 B
343 B

11ms
10ms

Image
image/gif

3.126.197.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-iM2pimVUWiox0khS_lq1bXZGCP_Nuh9eeouuzg&expires=30
Protocol: H2
Server: 3.126.197.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-197-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-iM2pimVUWiox0khS_lq1bXZGCP_Nuh9eeouuzg&expires=30
date: Mon, 12 Dec 2022 10:17:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame F73F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-uAtOdmVUWiox0khS_lq1bXZGCP-udgxvi_7sPw&google_cm&google_hm=ay11QXRPZG1WVVdpb3gwa2hTX2xxMWJYWkdDUC11ZGd4d...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-uAtOdmVUWiox0khS_lq1bXZGCP-udgxvi_7sPw&google_cm=&google_hm=ay11QXRPZG1WVVdpb3gwa2hTX2xxMWJYWkdDUC11ZGd...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-uAtOdmVUWiox0khS_lq1bXZGCP-udgxvi_7sPw&google_gid=CAESEP6PCDhoY1rYxrki4-DQjL0&google_cver=1&google_ula=913071,0

43 B
370 B

17ms
17ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-uAtOdmVUWiox0khS_lq1bXZGCP-udgxvi_7sPw&google_gid=CAESEP6PCDhoY1rYxrki4-DQjL0&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 10:17:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1366300
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 10:17:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-uAtOdmVUWiox0khS_lq1bXZGCP-udgxvi_7sPw&google_gid=CAESEP6PCDhoY1rYxrki4-DQjL0&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame F73F
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1546932572949589679

43 B
372 B

77ms
26ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1546932572949589679

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 10:17:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 10717953
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 10:17:12 GMT
AN-X-Request-Uuid: 138bb038-de26-466a-922d-574bed515aa1
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1546932572949589679
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
r.casalemedia.com/ Frame F73F
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-pGmQBGVUWiox0khS_lq1bXZGCP934YpYYacgOQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-pGmQBGVUWiox0khS_lq1bXZGCP934YpYYacgOQ&C=1

43 B
867 B

61ms
50ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-pGmQBGVUWiox0khS_lq1bXZGCP934YpYYacgOQ&C=1
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 10:17:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BM2IIuZJTD2qHBqIyq7ldF7i2NXy%2FZndM3elJqdQTtiF2R9H4viMUK49Kx6sdAz3Egfo0RTvRWiNLE0pUe9LlSxQr%2BBZTqhbST6bjDPpxUgFLLRRpyB2mgmYQt1Y11%2BdZtQ"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7785b57ec8f85c56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 10:17:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qc2Ps2GM5psQFar%2FUjYz7TRv1AP4kO7%2Fi0wAeg8XfgsJn2x3Oll6JnfBFlMQjauDyu5FSEraFpw%2Bq5EMt9bKkzOw9xg6K6HrNd1kfOzWPdF5nJIt8hdpYP4wTdOmBcL%2BiwGX"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-pGmQBGVUWiox0khS_lq1bXZGCP934YpYYacgOQ&C=1
cache-control: no-cache
cf-ray: 7785b57e8b41693f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame F73F
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-wLjOm2VUWiox0khS_lq1bXZGCP_GdUuQVHlNFw
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-wLjOm2VUWiox0khS_lq1bXZGCP_GdUuQVHlNFw

43 B
447 B

32ms
31ms

Image
image/gif

34.251.89.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-wLjOm2VUWiox0khS_lq1bXZGCP_GdUuQVHlNFw
Protocol: H2
Server: 34.251.89.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-89-118.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Dec 2022 10:17:12 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-wLjOm2VUWiox0khS_lq1bXZGCP_GdUuQVHlNFw
date: Mon, 12 Dec 2022 10:17:12 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame F73F 45 B
799 B 82ms
53ms Image
image/gif 104.79.88.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-U12NxmVUWiox0khS_lq1bXZGCP8ZwS6TF6-KLQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.79.88.129 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-129.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 12 Dec 2022 10:17:12 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Mon, 12 Dec 2022 10:17:12 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame F73F 0
145 B 369ms
87ms Image
text/plain 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-XeHUNWVUWiox0khS_lq1bXZGCP_T-UyizQtn_w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 10:17:13 GMT
Cache-Control: no-cache
X-TraceId: 40bab2ba9e2604bb05f04a5222cd724b
Content-Length: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame F73F 0
239 B 62ms
9ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-l2P3gGVUWiox0khS_lq1bXZGCP9qdz509e99zg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame F73F 0
35 B 57ms
8ms Image
text/plain 52.28.99.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-lITRCGVUWiox0khS_lq1bXZGCP84dBAnhmnC4Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.99.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-99-48.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame F73F 43 B
163 B 115ms
17ms Image
image/gif 185.86.139.106
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-r3lGNmVUWiox0khS_lq1bXZGCP-5qipTQ1XeuA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame F73F 0
99 B 69ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-xQPswGVUWiox0khS_lq1bXZGCP-OUOxKnVCN2A
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13779

GET
H2 200 um
criteo-sync.teads.tv/ Frame F73F 23 B
172 B 113ms
72ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-5FlVCmVUWiox0khS_lq1bXZGCP_k0zAJykX61A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires: Mon, 12 Dec 2022 10:17:12 GMT
pragma: no-cache
date: Mon, 12 Dec 2022 10:17:12 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame F73F 37 B
140 B 31ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-heg9R2VUWiox0khS_lq1bXZGCP8qEPRUtyP6fg&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame F73F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-UDBNeWVUWiox0khS_lq1bXZGCP_rmIOW07Sppw
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-UDBNeWVUWiox0khS_lq1bXZGCP_rmIOW07Sppw&verify=true

0
121 B

9ms
9ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-UDBNeWVUWiox0khS_lq1bXZGCP_rmIOW07Sppw&verify=true

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-UDBNeWVUWiox0khS_lq1bXZGCP_rmIOW07Sppw&verify=true
date: Mon, 12 Dec 2022 10:17:12 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 put
e1.emxdgt.com/ Frame F73F 0
55 B 39ms
7ms Image
text/html 3.71.169.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-1-At62VUWiox0khS_lq1bXZGCP8YRCK1zv1KjA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:11 GMT
content-length: 0
content-type: text/html

GET
H2 200 pixel
cm.adform.net/ Frame F73F 43 B
163 B 96ms
25ms Image
image/gif 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-d9-kQWVUWiox0khS_lq1bXZGCP8oR1zAX-WFHg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
last-modified: Wed, 17 Apr 2019 14:00:27 GMT
server: nginx
accept-ranges: bytes
etag: "5cb7317b-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame F73F 49 B
235 B 64ms
24ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-LHV7qGVUWiox0khS_lq1bXZGCP9J8AnUE9OdQg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 10:17:12 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 7
content-length: 49
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame F73F
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=vlhsnZWQsIPLZZCjUGs93K9mBe_7wFts
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=vlhsnZWQsIPLZZCjUGs93K9mBe_7wFts

42 B
942 B

33ms
33ms

Image
image/gif

52.31.124.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=vlhsnZWQsIPLZZCjUGs93K9mBe_7wFts

Protocol

HTTP/1.1

Server

52.31.124.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-124-224.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0f9127447.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: qnl91s6cRFs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-0687cfe76.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: tKDhqruqS/M=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=vlhsnZWQsIPLZZCjUGs93K9mBe_7wFts
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame F73F 43 B
1 KB 33ms
7ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-5wZi72VUWiox0khS_lq1bXZGCP9IFQOKIPN6LQ

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 12 Dec 2022 10:17:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 sync
matching.ivitrack.com/ Frame F73F 42 B
274 B 106ms
40ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-zOxxOWVUWiox0khS_lq1bXZGCP8YVqD6-wveTw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame F73F 0
878 B 35ms
9ms Image
text/html 54.93.179.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-2KpCa2VUWiox0khS_lq1bXZGCP8PpIox8wFZUg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.179.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-179-84.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:12 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame F73F 42 B
581 B 167ms
17ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-zyJITWVUWiox0khS_lq1bXZGCP8c_Gh-It0jxg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 12 Dec 2022 10:17:13 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame F73F 43 B
183 B 356ms
106ms Image
image/gif 2600:1f18:612b:4264:f0dc:d918:bf86:3244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-M5PBZGVUWiox0khS_lq1bXZGCP8txYtBqvGXdg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:f0dc:d918:bf86:3244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 12 Dec 2022 10:17:13 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame F73F 43 B
153 B 86ms
28ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-8-9irGVUWiox0khS_lq1bXZGCP-cn_yQpQWfwg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Dec 2022 10:17:12 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame F73F 0
525 B 48ms
19ms Image
text/plain 23.44.72.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-olsWj2VUWiox0khS_lq1bXZGCP-QQIxQle0zzg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.44.72.208 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-44-72-208.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 10:17:12 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 11 Dec 2022 10:17:12 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame F73F 43 B
220 B 127ms
30ms Image
image/gif 54.194.137.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-nGTQ7mVUWiox0khS_lq1bXZGCP8uK0-pHF51ow&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.137.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-137-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 12 Dec 2022 10:17:12 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 50ms
49ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-173925650-3&cid=1322615961.1670840231&jid=1058801822&_u=6GDAAUIhAAAAACAAI~&z=1885060913

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 10:17:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 125ms
51ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-173925650-3&cid=1322615961.1670840231&jid=1058801822&_u=6GDAAUIhAAAAACAAI~&z=1885060913

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 10:17:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F73F
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=6J9KA7HrBGqrSqjsBDOC0NSXsOL9FiBr

0
338 B

105ms
27ms

Image
text/plain

54.72.96.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=6J9KA7HrBGqrSqjsBDOC0NSXsOL9FiBr
Protocol: H2
Server: 54.72.96.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-96-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by: beacon-n017-dub-prod.krxd.net
date: Mon, 12 Dec 2022 10:17:13 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1670840233
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=6J9KA7HrBGqrSqjsBDOC0NSXsOL9FiBr
date: Mon, 12 Dec 2022 10:17:12 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1722952
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame F73F
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=d0FrXunMmr8hVU9WO_IdesqGYsxDQImN

35 B
268 B

366ms
115ms

Image
image/gif

3.133.55.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=d0FrXunMmr8hVU9WO_IdesqGYsxDQImN
Protocol: H2
Server: 3.133.55.161 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-133-55-161.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 10:17:13 GMT
x-bt-requestid: 255df360-7a06-11ed-ab0c-0000ac17014b
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=d0FrXunMmr8hVU9WO_IdesqGYsxDQImN
date: Mon, 12 Dec 2022 10:17:12 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1183584
content-length: 0

GET
H2 200 seg_2.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/audio/4/ Frame 81AE 2 KB
2 KB 108ms
108ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/audio/4/seg_2.mp4?p=eyJ0eXBlIjoic2VnbWVudCIsInZpZGVvSUQiOiIwYTQzMjI0NjcwNmRjMzU4YzkyOTRkNWU4YjhkMDcyYiIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJzZWdtZW50RHVyYXRpb25TZWNzIjo0LjAwNTMzMzMzMzMzMzMzLCJ1c2VWT0RPVEZFIjp0cnVlLCJ0cmFjayI6IjYzOGUzNDE5Zjc3NGY5YmFjOWZiNWVmN2Q1NTBmNWQzIiwicmVuZGl0aW9uIjoiMTg3ODU4MDc5IiwibXV4aW5nIjoiMjM4NDgyODA5In0&s=KcKXV8KAZAhJCELCqcKDw6pTYcKTwpXDslI_AUrCgcKWwrlKw4kcwpPDik9ALg
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0a432246706dc358c9294d5e8b8d072b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6982eee85c886209cad24d7d8a422ffcb612fd1fb3a1df61b27e66ffb283845

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:13 GMT
cf-cache-status: HIT
age: 1254037
stream-dw-version: 2022.12.6
content-length: 2082
last-modified: Thu, 23 Jun 2022 08:26:13 GMT
server: cloudflare
etag: "a3b5be0146fe67bbde22c8edb386758d"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b5809fd9bbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Fri, 01 Jul 2022 14:47:59 GMT

GET
H2 200 seg_3.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/audio/4/ Frame 81AE 2 KB
2 KB 103ms
103ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/audio/4/seg_3.mp4?p=eyJ0eXBlIjoic2VnbWVudCIsInZpZGVvSUQiOiIwYTQzMjI0NjcwNmRjMzU4YzkyOTRkNWU4YjhkMDcyYiIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJzZWdtZW50RHVyYXRpb25TZWNzIjo0LjAwNTMzMzMzMzMzMzMzLCJ1c2VWT0RPVEZFIjp0cnVlLCJ0cmFjayI6IjYzOGUzNDE5Zjc3NGY5YmFjOWZiNWVmN2Q1NTBmNWQzIiwicmVuZGl0aW9uIjoiMTg3ODU4MDc5IiwibXV4aW5nIjoiMjM4NDgyODA5In0&s=KcKXV8KAZAhJCELCqcKDw6pTYcKTwpXDslI_AUrCgcKWwrlKw4kcwpPDik9ALg
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0a432246706dc358c9294d5e8b8d072b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f427fe08942a89b9e5c3fd59f391ab371402e197b6ea66abfe74d0a64f0b7e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:13 GMT
cf-cache-status: HIT
age: 1337383
stream-dw-version: 2022.12.6
content-length: 2082
last-modified: Thu, 23 Jun 2022 08:26:13 GMT
server: cloudflare
etag: "f2bddbbad052ef2a83ac11bb5fed4479"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b5814944bbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Fri, 25 Nov 2022 06:44:06 GMT

GET
H2 200 seg_4.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/audio/4/ Frame 81AE 1 KB
1 KB 100ms
100ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/audio/4/seg_4.mp4?p=eyJ0eXBlIjoic2VnbWVudCIsInZpZGVvSUQiOiIwYTQzMjI0NjcwNmRjMzU4YzkyOTRkNWU4YjhkMDcyYiIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJzZWdtZW50RHVyYXRpb25TZWNzIjo0LjAwNTMzMzMzMzMzMzMzLCJ1c2VWT0RPVEZFIjp0cnVlLCJ0cmFjayI6IjYzOGUzNDE5Zjc3NGY5YmFjOWZiNWVmN2Q1NTBmNWQzIiwicmVuZGl0aW9uIjoiMTg3ODU4MDc5IiwibXV4aW5nIjoiMjM4NDgyODA5In0&s=KcKXV8KAZAhJCELCqcKDw6pTYcKTwpXDslI_AUrCgcKWwrlKw4kcwpPDik9ALg
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0a432246706dc358c9294d5e8b8d072b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b34d039b3c9dbe25ed70035283d1cdffaa1cc3c76665b324d9f5a1802797ecfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:13 GMT
cf-cache-status: HIT
age: 1337382
stream-dw-version: 2022.12.6
content-length: 1030
last-modified: Thu, 23 Jun 2022 08:26:13 GMT
server: cloudflare
etag: "7ed73db2c81497f4d331730e2e6c2f20"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b581eae3bbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Fri, 05 Aug 2022 04:09:03 GMT

GET
H2 200 seg_2.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/audio/4/ Frame EF1E 2 KB
2 KB 130ms
130ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/audio/4/seg_2.mp4?p=eyJ0eXBlIjoic2VnbWVudCIsInZpZGVvSUQiOiI3YzgxZjFiNDJiZTRjNDEyMjE5MzYyMzQ0MTNlZjJhYyIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJzZWdtZW50RHVyYXRpb25TZWNzIjo0LjAwNTMzMzMzMzMzMzMzLCJ1c2VWT0RPVEZFIjp0cnVlLCJ0cmFjayI6IjUyYTA4MmRhNWFhMDY3MjkwNGI0NDRiYmJmZjE0ZDY1IiwicmVuZGl0aW9uIjoiMTg5MjU0MzEwIiwibXV4aW5nIjoiMjM5ODc5MDUwIn0&s=cMOQw6bDhsORH2Fqw4LDvsOec8KRwo7DksOswo7Ck3JKByLDh8ONbGPCg8KEOMKgWkI
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=7c81f1b42be4c41221936234413ef2ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6982eee85c886209cad24d7d8a422ffcb612fd1fb3a1df61b27e66ffb283845

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:13 GMT
cf-cache-status: HIT
age: 1254037
stream-dw-version: 2022.12.6
content-length: 2082
last-modified: Mon, 27 Jun 2022 08:02:08 GMT
server: cloudflare
etag: "a3b5be0146fe67bbde22c8edb386758d"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b5821b2ebbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Fri, 01 Jul 2022 14:46:49 GMT

GET
H2 200 seg_3.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/audio/4/ Frame EF1E 2 KB
2 KB 159ms
159ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/audio/4/seg_3.mp4?p=eyJ0eXBlIjoic2VnbWVudCIsInZpZGVvSUQiOiI3YzgxZjFiNDJiZTRjNDEyMjE5MzYyMzQ0MTNlZjJhYyIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJzZWdtZW50RHVyYXRpb25TZWNzIjo0LjAwNTMzMzMzMzMzMzMzLCJ1c2VWT0RPVEZFIjp0cnVlLCJ0cmFjayI6IjUyYTA4MmRhNWFhMDY3MjkwNGI0NDRiYmJmZjE0ZDY1IiwicmVuZGl0aW9uIjoiMTg5MjU0MzEwIiwibXV4aW5nIjoiMjM5ODc5MDUwIn0&s=cMOQw6bDhsORH2Fqw4LDvsOec8KRwo7DksOswo7Ck3JKByLDh8ONbGPCg8KEOMKgWkI
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=7c81f1b42be4c41221936234413ef2ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f427fe08942a89b9e5c3fd59f391ab371402e197b6ea66abfe74d0a64f0b7e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:13 GMT
cf-cache-status: HIT
age: 1337383
stream-dw-version: 2022.12.6
content-length: 2082
last-modified: Mon, 27 Jun 2022 08:02:12 GMT
server: cloudflare
etag: "f2bddbbad052ef2a83ac11bb5fed4479"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b582ecdcbbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Mon, 07 Nov 2022 17:48:39 GMT

GET
H2 200 seg_4.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/audio/4/ Frame EF1E 1 KB
1 KB 82ms
82ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/audio/4/seg_4.mp4?p=eyJ0eXBlIjoic2VnbWVudCIsInZpZGVvSUQiOiI3YzgxZjFiNDJiZTRjNDEyMjE5MzYyMzQ0MTNlZjJhYyIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJzZWdtZW50RHVyYXRpb25TZWNzIjo0LjAwNTMzMzMzMzMzMzMzLCJ1c2VWT0RPVEZFIjp0cnVlLCJ0cmFjayI6IjUyYTA4MmRhNWFhMDY3MjkwNGI0NDRiYmJmZjE0ZDY1IiwicmVuZGl0aW9uIjoiMTg5MjU0MzEwIiwibXV4aW5nIjoiMjM5ODc5MDUwIn0&s=cMOQw6bDhsORH2Fqw4LDvsOec8KRwo7DksOswo7Ck3JKByLDh8ONbGPCg8KEOMKgWkI
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=7c81f1b42be4c41221936234413ef2ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b34d039b3c9dbe25ed70035283d1cdffaa1cc3c76665b324d9f5a1802797ecfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:13 GMT
cf-cache-status: HIT
age: 881399
stream-dw-version: 2022.12.6
content-length: 1030
last-modified: Mon, 27 Jun 2022 08:02:15 GMT
server: cloudflare
etag: "7ed73db2c81497f4d331730e2e6c2f20"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b583eecabbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Wed, 30 Nov 2022 04:11:33 GMT

GET
H2 200 seg_4.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/video/720/ Frame 81AE 543 KB
544 KB 130ms
130ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/video/720/seg_4.mp4?p=eyJ0eXBlIjoic2VnbWVudCIsInZpZGVvSUQiOiIwYTQzMjI0NjcwNmRjMzU4YzkyOTRkNWU4YjhkMDcyYiIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJzZWdtZW50RHVyYXRpb25TZWNzIjo0LjAwNCwidXNlVk9ET1RGRSI6dHJ1ZSwidHJhY2siOiIzOTcwNmJmMjQzYzQ0OTMyMGQzYmQ2Mzg4NzIwNzMzYiIsInJlbmRpdGlvbiI6IjE4Nzg1ODA5OSIsIm11eGluZyI6IjIzODQ4MjgyOSJ9&s=JHvCgjnDvMOuKDxowpDDqw_Dh8KxwpjDlWhYYinDlHnCjMOVGcKVXRHCvSIbw4c
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0a432246706dc358c9294d5e8b8d072b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31334fc8c30b2a9d7678c936779df81a0074486a800a8d9800971c34704f7346

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/0a432246706dc358c9294d5e8b8d072b/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F0a432246706dc358c9294d5e8b8d072b%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:13 GMT
cf-cache-status: HIT
age: 1140403
stream-dw-version: 2022.12.6
content-length: 556486
last-modified: Thu, 23 Jun 2022 08:26:21 GMT
server: cloudflare
etag: "18c9f8e90a18269b7280de7929cb4268"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b584a822bbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Fri, 01 Jul 2022 14:48:25 GMT

GET
H2 200 seg_4.mp4 Show response
customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/video/1080/ Frame EF1E 615 KB
616 KB 97ms
97ms Fetch
video/mp4 2606:4700::6810:5d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/video/1080/seg_4.mp4?p=eyJ0eXBlIjoic2VnbWVudCIsInZpZGVvSUQiOiI3YzgxZjFiNDJiZTRjNDEyMjE5MzYyMzQ0MTNlZjJhYyIsIm93bmVySUQiOjI3Nzk0NzM1LCJjcmVhdG9ySUQiOiIiLCJzZWdtZW50RHVyYXRpb25TZWNzIjo0LjAwNCwidXNlVk9ET1RGRSI6dHJ1ZSwidHJhY2siOiI0ZmRmMGEzMzU0NDZiNTRkYzgzMTYwZTIyMjM2Yzc3ZCIsInJlbmRpdGlvbiI6IjE4OTI1NDI5OCIsIm11eGluZyI6IjIzOTg3OTAzOCJ9&s=w4XCg3A5ZMONfQZZNBd6LFUrwp58ZsKOw4A1wrEsw4zCu8OvZyvClsKRBsKM
Requested by: Host: customer-2so3acq3hzsb0mrj.cloudflarestream.com
URL: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=7c81f1b42be4c41221936234413ef2ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75ae21fba95e91a85f9e377aa1c5e1cb43368c2a0b0136319fae05767b801205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customer-2so3acq3hzsb0mrj.cloudflarestream.com/7c81f1b42be4c41221936234413ef2ac/iframe?muted=true&preload=true&loop=true&autoplay=true&poster=https%3A%2F%2Fcustomer-2so3acq3hzsb0mrj.cloudflarestream.com%2F7c81f1b42be4c41221936234413ef2ac%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600&controls=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:17:13 GMT
cf-cache-status: HIT
age: 1254036
stream-dw-version: 2022.12.6
content-length: 629975
last-modified: Mon, 27 Jun 2022 08:02:13 GMT
server: cloudflare
etag: "3155e37ff9fe8c15240d52fee2b8189f"
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
accept-ranges: bytes
cf-ray: 7785b584a823bbdd-FRA
access-control-allow-headers: range
timing-allow-origin: embed.cloudflarestream.com,embed.videodelivery.net,iframe.videodelivery.net,iframe.cloudflarestream.com
expires: Fri, 25 Nov 2022 06:44:08 GMT

GET
H3 200 common.js Show response
maps.google.com/maps-api-v3/api/js/51/3/intl/de_ALL/ 249 KB
68 KB 116ms
41ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/51/3/intl/de_ALL/common.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCPte46aAdQUBEvVZyfLc3A9efH0OWi5Y4&libraries=places,geometry

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1611775cfd08b4513858c3ffb367d9eaa878bbe91fd10a24e839f27d62dfc982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 396303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69805
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 18:55:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 20:12:12 GMT

GET
H3 200 util.js Show response
maps.google.com/maps-api-v3/api/js/51/3/intl/de_ALL/ 166 KB
61 KB 111ms
37ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/51/3/intl/de_ALL/util.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCPte46aAdQUBEvVZyfLc3A9efH0OWi5Y4&libraries=places,geometry

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a30fb25d3c0b2ffeb33461e4983758e009b8ee5bf25b20d51436498aec7a26e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsha.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 396303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62770
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 18:55:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 20:12:12 GMT

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cdn.newsha.com/	1970-01-20 08:09:08	Name: PHPSESSID Value: gml63f123dlfqf9a412nh2bm0a
www.newsha.de/	1969-12-31 23:59:59	Name: form_key Value: 81CwkDyKaCfEsOLS
www.newsha.de/	1970-01-20 08:08:46	Name: mage-cache-storage Value: %7B%7D
www.newsha.de/	1970-01-20 08:08:46	Name: mage-cache-storage-section-invalidation Value: %7B%7D
.www.newsha.de/	1970-01-20 08:09:08	Name: PHPSESSID Value: r9l0ct1qhhp9efe88in3r62off
www.newsha.de/	1970-01-20 08:08:46	Name: mage-cache-sessid Value: true
www.newsha.de/	1970-01-20 08:08:46	Name: recently_viewed_product Value: %7B%7D
www.newsha.de/	1970-01-20 08:08:46	Name: recently_viewed_product_previous Value: %7B%7D
www.newsha.de/	1970-01-20 08:08:46	Name: recently_compared_product Value: %7B%7D
www.newsha.de/	1970-01-20 08:08:46	Name: recently_compared_product_previous Value: %7B%7D
www.newsha.de/	1970-01-20 08:08:46	Name: product_data_storage Value: %7B%7D
www.newsha.de/	1970-01-20 08:08:46	Name: mage-messages Value:
.newsha.de/	1970-01-20 10:16:56	Name: _gcl_au Value: 1.1.1676295787.1670840231
.newsha.de/	1970-01-20 10:16:56	Name: _fbp Value: fb.1.1670840231217.783807740
.www.newsha.de/	1970-01-20 08:09:08	Name: form_key Value: 81CwkDyKaCfEsOLS
.newsha.de/	1970-01-20 08:08:46	Name: _gid Value: GA1.2.1667211784.1670840231
www.newsha.de/	1970-01-20 17:43:20	Name: trbo_usr Value: 9221f684bfcf990fee0b68cfcc6da415
www.newsha.de/	1970-01-20 08:07:22	Name: trbo_session Value: 1219911633
www.newsha.de/	1970-01-20 17:43:20	Name: trbo_us_14003 Value: %7B%22saleCount%22%3A0%2C%22sessionCount%22%3A1%2C%22brandSessionCount%22%3A1%2C%22pageViewCountTotal%22%3A1%2C%22sessionDurationTotal%22%3A0%2C%22externalUserId%22%3A%22%22%2C%22userCreateTime%22%3A1670840231%7D
www.newsha.de/	1970-01-20 08:07:22	Name: trbo_sess_14003 Value: %7B%22firstClickTime%22%3A1670840231%2C%22lastClickTime%22%3A1670840231%2C%22pageViewCount%22%3A1%2C%22sessionDuration%22%3A0%7D
.criteo.com/	1970-01-20 17:28:56	Name: uid Value: 1e88e2f3-be92-4f46-a070-350945c9b8e1
.newsha.de/	1970-01-20 08:07:20	Name: _gat_gtag_UA_173925650_3 Value: 1
.newsha.de/	1970-01-20 17:36:44	Name: cto_bundle Value: OVJ-e18wcllBVDY2RWdEM1RFbWpkR283WDN3ellvJTJCNTJpbzYwZENnMzQyYVBzMlpUZXltUlM0Y1pkVXd0b2oxdVVJRHQ4U1BrWXBZVmR5NWNCb2tyYk12OTFGWE1oSW5kaiUyRnVyUFJhZDFydE84b29TT0JNNXolMkIlMkI2d3UlMkJSN2Vlb2draGZpUmRXVHJHTFdjakFNb2UlMkZXOXVnJTJCUSUzRCUzRA
.www.newsha.de/	1970-01-20 08:21:44	Name: amcookie_policy_restriction Value: allowed
.newsha.de/	1970-01-20 17:43:20	Name: _ga_HQ258C53G9 Value: GS1.1.1670840231.1.0.1670840232.0.0.0
.newsha.de/	1970-01-20 17:43:20	Name: _ga Value: GA1.2.1322615961.1670840231
.newsha.de/	1970-01-20 08:07:20	Name: _gat_UA-173925650-3 Value: 1
.hubspot.com/	1970-01-20 08:07:22	Name: __cf_bm Value: fp_JtShhCtIKFYI5sExN2c72.aYeq6yJEISemplMQAY-1670840232-0-AWivFG6h5IqQY+HODewHymE+QZN4P1g4y1/uO28FBm24xbQh71acj0rjVS7QQ75+P2rIemynZnNNSi/0elQFtbc=
.adnxs.com/	1970-01-20 10:16:56	Name: uuid2 Value: 1546932572949589679
.casalemedia.com/	1970-01-20 16:52:56	Name: CMID Value: Y5b-qLfMWmXoSYsyDbLpYwAA
.casalemedia.com/	1970-01-20 10:16:56	Name: CMPS Value: 1208
.casalemedia.com/	1970-01-20 10:16:56	Name: CMPRO Value: 1208
.media.net/	1970-01-20 16:52:56	Name: visitor-id Value: 3138418328397157000V10
.media.net/	1970-01-20 08:50:32	Name: data-c-ts Value: 1670840232
.media.net/	1970-01-20 08:50:32	Name: data-c Value: k-U12NxmVUWiox0khS_lq1bXZGCP8ZwS6TF6-KLQ~~3
.bidswitch.net/	1970-01-20 16:52:56	Name: tuuid Value: aba06ff7-4e70-458c-9177-54cfca1cba7e
.bidswitch.net/	1970-01-20 16:52:56	Name: c Value: 1670840232
.bidswitch.net/	1970-01-20 16:52:56	Name: tuuid_lu Value: 1670840232
.casalemedia.com/	1970-01-20 10:16:56	Name: CMTS Value: 3254
.360yield.com/	1970-01-20 10:16:56	Name: tuuid Value: 07e9b036-a45f-41c5-8b64-f171fe75e5c1
.360yield.com/	1970-01-20 10:16:56	Name: tuuid_lu Value: 1670840232
.id5-sync.com/	1970-01-20 08:07:20	Name: cf Value:
.id5-sync.com/	1970-01-20 08:07:20	Name: cip Value:
.id5-sync.com/	1970-01-20 08:07:20	Name: cnac Value:
.id5-sync.com/	1970-01-20 08:07:20	Name: car Value:
.id5-sync.com/	1970-01-20 08:07:20	Name: gdpr Value:
.id5-sync.com/	1970-01-20 08:07:20	Name: callback Value:
.360yield.com/	1970-01-20 10:16:56	Name: um Value: !38,L4MzoIukmCMrhhG8qsGuoL9JXXNMSMuDx748Xevy.uWPMfMYTYioERL0oZjj0F823bQYCpyx,1678616232
.360yield.com/	1970-01-20 10:16:56	Name: umeh Value: !38,0,1733048232,-1
.demdex.net/	1970-01-20 12:26:32	Name: demdex Value: 74883216237071073983411676602776982075
exchange.mediavine.com/	1970-01-20 08:27:29	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2225124460-7a06-11ed-8690-8709a8e272cb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:27:29	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2225124460-7a06-11ed-8690-8709a8e272cb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:27:29	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2225124460-7a06-11ed-8690-8709a8e272cb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:27:29	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2225124460-7a06-11ed-8690-8709a8e272cb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:27:29	Name: criteo Value: %7B%22id%22%3A%22k-2KpCa2VUWiox0khS_lq1bXZGCP8PpIox8wFZUg%22%2C%22version%22%3A%22criteo%22%7D
.doubleclick.net/	1970-01-20 17:28:56	Name: IDE Value: AHWqTUnhPh7B_zUfSu9kRFJl6kfD1nTFUjX5MUPUIaJLv4Ih51Qvo1NqjTR8jlfCP50
.yahoo.com/	1970-01-20 16:53:17	Name: A3 Value: d=AQABBKj_lmMCEPLsinVIe6r7qXJAWtZwKNgFEgEBAQFRmGOgYwAAAAAA_eMAAA&S=AQAAAtuHAw-eZcoOz9phG3M8MmE
.dpm.demdex.net/	1970-01-20 12:26:32	Name: dpm Value: 74883216237071073983411676602776982075
.analytics.yahoo.com/	1970-01-20 16:52:56	Name: IDSYNC Value: 18zh~28sy
.pubmatic.com/	1970-01-20 08:50:32	Name: KRTBCOOKIE_97 Value: 3385-uid:k-zyJITWVUWiox0khS_lq1bXZGCP8c_Gh-It0jxg&KRTB&23144-uid:k-zyJITWVUWiox0khS_lq1bXZGCP8c_Gh-It0jxg&KRTB&23286-uid:k-zyJITWVUWiox0khS_lq1bXZGCP8c_Gh-It0jxg&KRTB&23287-uid:k-zyJITWVUWiox0khS_lq1bXZGCP8c_Gh-It0jxg
.pubmatic.com/	1970-01-20 08:50:32	Name: PugT Value: 1670840233
.krxd.net/	1970-01-20 12:26:32	Name: _kuid_ Value: PQM3YQbT
www.newsha.de/	1970-01-20 08:08:46	Name: section_data_ids Value: %7B%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
api-v4.trbo.com
api.widget.trengo.eu
beacon.krxd.net
cdn.newsha.com
cm.adform.net
cm.g.doubleclick.net
collect.trbo.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
customer-2so3acq3hzsb0mrj.cloudflarestream.com
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fonts.gstatic.com
forms-eu1.hsforms.com
forms-eu1.hubspot.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
integrations.etrusted.com
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hscollectedforms.net
maps.google.com
maps.googleapis.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.thebrighttag.com
simage2.pubmatic.com
sslwidget.criteo.com
static.trbo.com
static.widget.trengo.eu
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
track-eu1.hubspot.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widgets.trustedshops.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.newsha.de
x.bidswitch.net
104.75.89.75
104.79.88.129
108.156.60.5
13.32.99.30
141.226.228.48
141.95.98.64
142.250.186.162
172.64.154.237
172.65.192.122
172.65.193.34
172.65.202.201
172.65.208.22
172.65.232.43
172.65.238.60
172.65.240.166
178.250.0.163
178.250.2.146
178.250.2.151
185.255.84.153
185.64.190.80
185.86.139.106
2001:4860:4802:32::15
2001:4860:4802:32::36
23.44.72.208
2600:1f18:612b:4264:f0dc:d918:bf86:3244
2606:4700:20::681a:3a2
2606:4700:20::ac43:4698
2606:4700::6810:5d72
2a00:1450:4001:806::2003
2a00:1450:4001:806::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:811::200a
2a00:1450:4001:812::200e
2a00:1450:4001:830::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c1b::9c
2a02:2638:1::13
2a02:2638:1::d
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
3.126.197.232
3.126.56.137
3.127.193.212
3.133.55.161
3.71.169.66
34.117.157.22
34.251.89.118
35.190.85.25
37.157.250.10
37.157.3.28
37.252.171.53
52.28.99.48
52.31.124.224
54.194.137.201
54.72.96.20
54.93.179.84
64.202.112.255
69.173.144.138
76.223.111.18
85.215.5.31
009ee8f14f4f7695fc9ba695ef822ef1bbc9a378c3b9030db55bbee416fe3910
011ec2ab9ac57b3f9b7c3cce969c2601375a7db976f13c5cad124e62ad2780fe
02fb73024c3e21b986fd1327859d0fc8c135c29b38abc8e2fb7f1a3cb7e067e0
040e80dde891f786faff34911f851f8f48eeeabedde5b05f91b1f04a03792f1f
04eaa3862b8be663442d4db2ed6d890678917bdc6865bf6add6dacc097bb51c8
0792d5285778bb59de16512d07ace9d728a161c5006148717d9eea6223ebf84b
0e6734d2a02d8678082727ed8232187f3963868ad7d0fe7e1986a15b1116f55d
0efcabac8c60056bf3b68a8cd5375312e9402b11a195d4318bc38d5a06322024
0f285340fde233e4bf0042716b33a9aae7ef38bf6768663286012870f5a648cb
0f9c62e9335910a92d07ad3979e06ed8918a82e2e2a4e5f5eddf26b41cd9bef2
1016317ef8f2c78fee05e067b821abac4b862d9b73167838e551476d93e33679
10b1d18c05f63c6da2c4aac828e8dd2987b3a70dec58f0d990469ab4b53f69de
10e62c054e88c52acded7d2a9aab7da5de4559aec8231e1b37bbac32c9ad0191
134753bacc72bbb158e8b6b4de90a6c4a5d4003825dccf8ce0bced74916ddae0
13d86a7400985371156fe36a6328f78f03a54658a8b34bc0d17d18a65c4a373e
15024e82d4c83556ac2953d00dd7dd35dbccb24470cf4fc44f4c58571d6fefc0
15845a89393dfe06834c8e0e967cf52de47b16be81d84321fb19925237761d57
159ed24e547daeb356b9f7f1dbfbce768f1f61f3585579c100f1e483768344ab
1611775cfd08b4513858c3ffb367d9eaa878bbe91fd10a24e839f27d62dfc982
179b147a5e47f4389df722fea8f7d611813ddde7c5a8dd86f3123bd890214fc0
18fd4a267b6893658849bb29e1f66e31c7db00e0eab19af6d04f4510dab8f4fc
190b3494046538a6ad22ed2b8568b77ca12e1dd6f985d810fcbd292d0b9a563d
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb8923821db574c940a5b194385c0a9c50fad0f3adcee1530c99544161e9c14
20444cc6bd612c6afa751c3d9dc7d195210646551a61c5d23272552c625bc6c3
21f51718f00abb0b20d8ad1818533521a7567c2224814b495485684a997f3fb7
22ca1b292aff5e945e72c359d2d9ca7f199b1c9b567216c72736a9f79c4c8d3e
234bead210e3d6f430e2c3f31a01247ebc480a47953e5775ec993e21f24e1ef6
247fadaeeb5ad289cd92e0946aa73295194bb043b75b3751d419dc6f1db1fa5a
2756771cabe2de556b24aab021eea70862246e902a8e0aa71dea45d66d2e90d4
2991e7380e1e30a887e493dc6f18c9f7594cba375904f96edeb8612138834f1b
2ac23279590f18f4577084e3b030600ff80e7d4eaea2a52a9237579f3842f985
2b7ce824308da02595fb3c3ea70c4aebfdcbe04764571800cccb14176c47cbc3
2da07779d6fe8a42677d9fb46006905ec8e7a64dfac45f718c0277af900577a0
2f28fd0428304294878ed94bfd2972fd08a42d8ccbb3a1164168bc75ae625e7b
2fddb176df9169a586f6c04801be8ce1299d4c4613e9c03a589ef1517a77a02d
31334fc8c30b2a9d7678c936779df81a0074486a800a8d9800971c34704f7346
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3602ffdeb1b2ef2ac37087e2d0258e91f469d27f78d02bf8a19d6a022c3ec8f6
38b68726937bb190e35fb2dcd662944ee76166d11ccd5006aef4d6e6f6ae86ae
3999cf864b43937c278afeae5b60b6db69bb234d5641202c9e7a2385029aa3b7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e4d1c442d78bf51c8e029957c4b45f6f3c7539a5c24fc3edcd18aa94f40e8db
44e28dde2ff11782b6bc97c5ae5126ef4776c902a6bec5aa2ce60e3c9564064d
451eb9ba5cc40692204df78795279b2891e2d2f5cf4ebbb85a59f9046f94f9df
45414d90709f784fcb63afe7b2827e4ebe5ebd9b94841a05629395f3943bbc2a
4775aada9fe5cd929bc993a5e0f7661802af48e943464e41a17ff7a584afd21a
496321a74ab8dba0a54414e1e1906abbbf4a630b81c474a85ce7839ecb8eba69
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4c93c40e39658aebd2334c2dcb54dc54e4178e812bb270fd949935e115caf00c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
4fea5c668fac1f2ce3e5accf56f1966b2aefffbd6d784ee1445ed8ece7f9beeb
51120e0ea1e3c5b03041054f7901514ed3a901ab112cda7cc30a1ba0ad6fa547
52865a7c4014cfdbdd10302587e9123d72de1d1189d6312370ea5530ab46638f
5327ee259b28c6a0dc3d706e88c285dd8e12d3db92d41afbbeae30a35980a88b
532c2fb90c6cad47230e580dc09372ebde5ad025e7a89a692a14c016292f02b0
545be702789b0f0da0c2a50b5935d4bb34c6438cd753354681f80fa0982a48b7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a7191aad4c7e3e52b3cf57bd10d1515be4fed820a04f6728aa695a479eb9d6
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
58087d7c89a5ee77ca06521fd8a3a0bee4b1bd7b85505d93c91fd84faa0243f1
594f6f569a0be45027f0ebaa99345798a117b8b5aae5fd003789351bffb9ada9
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5dcc7947df8139ec78050d2d5301095e3af2125599311b9c928155b13df76596
60f6b3a514b1b8c8569421d29f193d9da9f12d2cabb7bd8339f53035030bb175
63c28d62cd0f358a0779c552d825757c95e8f4e26ce70511b20c22b48d9da284
67ba7536a6925a22e5a74f9a8b9ddc0b73f1f17011c18b545e17ca2155f00ef1
6809165acbeac09630fe72d97f42a22922fd8bb878cffa3c4ae75e53ae7894ba
69fd4fd58ab3812b5b43a91478b13191fee58a0a438a5901345c89ea4991e9ca
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c976fab8d5d40cc6839269a22d65b4b6f31a4f9937bd675b4df02dc5ecf876b
6f427fe08942a89b9e5c3fd59f391ab371402e197b6ea66abfe74d0a64f0b7e4
70973d6498cb3403773c14c9ce5d8a60989b5fa227a168dcfc84e4e0293bf073
70cce38ac8e3bbba89beb9cba6cadc24e495a5131bab9dc815af702121effa86
737be8d2a2db4d729155190f62d3b1f656cdaec35b42b59eeeda3043246a50cd
73961dbd29897683c125e7f8d1f1d3182e4d7183831332ecb0015d476fbd64ac
75ae21fba95e91a85f9e377aa1c5e1cb43368c2a0b0136319fae05767b801205
799de639bcdc5c354d3a92374118290150ff3bf966113fff514f8bdcdc9117d1
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
801bbecfe24ea20eb49f8d9bbada36d10d17b1389f13ff46152c6119612cfb8f
80e7ed4fe6e9016456057ea5ecd4898d3a461e595a8244a7538e1a814889d471
822b420a26f975b43cce1d96f82e0087c087935c6b6069447d8318a2d81921f8
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8432d08d31bda39f6280ea6cc799654baabcfdc4bb5f87fd1842af3ae5f3c0fb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87702195a07a986a77d2ae5439c0497f47a49fcd59f2139ca648fee02e2da13c
8776b7a3e12a10e0934ac724db4867283c1da02e645f719f76f236c2fd4b92cf
8905844677c345315adf0d008de3658dd541ab864c2f1950e68e651e85be09ba
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cf73ae351176a67feb39eaef6ce7dcd8cbec24e215124be730a415e2bca7cd9
91f42039dc83f19e6b7e139bc9ca38e81c051d3311561619eeb6685d9dbe43f6
925a4821693bdc5a3efca443e0436b96c0548155537b7887f8b8e649722e9a40
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
940b3908bf9fc263ff7a9640fd719a1a3ecca9e1224e9ce4758053fa01edbcc0
993ecc77d2083270d8cf67a141865723e0933baf9ef4982d1835ea6a4dcd4483
998cdd8c7423ed0f9e93d1d5be953963a61fd213b20bf7337d71ba66ced520af
9cbb7b011afa85a818dfd9501058ab37504c51521e4b3e1623d3d1e4d8dd5879
9eb55330adb7d2fec653c5b5b712c5e68cff9cc40f20ec82719c9be1f639be10
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a30fb25d3c0b2ffeb33461e4983758e009b8ee5bf25b20d51436498aec7a26e4
a475323ff0a8d2162aeeb9feb56a0b0793eb6f038dc663ecaced6c4819fff713
a7e49ccdecfde5faf1fc5998e8cfc36cebfbc17d95b04fd22fb1f42c54cb9630
a7f962bc349cc02e300bde90f82bce331a7a5b07fa59dbe288d875782d40838a
a9bcb12288161d904240cc3df0d9d273cb86fd6c83c8f331c6e9d54e6a4e28e1
a9e7831cd5fbb95fa0a0ba8816be736fea99ad78008d7c1ad101987f6b4b77d2
ae11c52527407c5c4195981522ca6a949f03433986684b82c3b85721ba14d6c8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3466e0e315494e28de5f3dd08b0b2eeddc0a27ab5b82632ab5eb12484c9a91b
b34d039b3c9dbe25ed70035283d1cdffaa1cc3c76665b324d9f5a1802797ecfd
b367d278abdbff97dcca334e31b1714fae2f7922f2347c5e76a6fd2c67f15079
b423918639702601651f0ae398269f64c6a8f0cf2da7f3715f43988bf3bd7869
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b46c8b4c1da627cc039172d587090bdee8dbad4081db50045dabe6103fb5f1c9
b510c7339c05d338bd31630bab1d9e72044e6d9640a91cce9acd86ce7629b466
ba99c936d381e52b96fcd04b471ac210f536e31249a5803300e3004533766f08
babbaabcaee0957afc00106279fb412d5f90e4a508b9ebf6b8c8b040f39f0278
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbeac36cf8ac67cf2f2d56640d18edd16784b1ddb776d3abdc8b45c14ded29d2
bc1888f06cbfdb3ae8b06e3d1d8f2cfa88e801212a375d40eff3dc0208c9e3df
c29199928972257f07bd631c7b3c34648ec8b574795d9356ecff357ec6841374
c29f0b4f949f54868ce281016737765858756fd20b06a9e719a3fccda3906a65
c63272315487ccd5d8dd84714962100f1e0b697e660d7080b1450a1269d93e2e
c64ce529876d3eafcc20b1e185c1e40bd4e7dc811f15efa6a152fc35a140e5aa
c6982eee85c886209cad24d7d8a422ffcb612fd1fb3a1df61b27e66ffb283845
c69d0d7a755b7746450df78448fd4265d5057cf77dcf8e2df838e4602bbcccb5
c72be587be3894475d359c0d27520dd0c1fb5584037e3affad4fa22dc2c8ece3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbea0bc0111616b2230d738a9a85ce574094da504c02e5c33dfb594354a1a166
cc057b81bec19b26b224bc49b58d11a693a545d741d7cbd1d514e991bd8e934b
ccce63dfc1efedb0def9a6cd7f9ec29cd6a51e839ab225200f93f886cbcfbaf2
d003194b1ba6366d11d2e60d5f3610b0b55098d79a903ff4702b71f1b12befac
d0eb00de0782fe66d669d58870e313ac56c043ec902e056465fc5ab778bb7030
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d155ef3639f9a6848957c2e54b232a71264f50ac326b977cdfbdb931d54b84c0
d31a033df922835f970154ce3491656ee1fc080f8d87cac95ba606b8a6656b30
d4dc0c66eadd4b3167ccb395964b88ea5717313ab053efc1618af0064cb7f3fd
d5499ae03db92dae52b52a80112550e06a10741200bcfe2a59fe8aa24802d0fb
d64e243770a7345b699907f77f5e6789584278786ffa215802150dab0ee1d7a6
d730144bf24e45e450e1317fc371ce76c8560dad0b5d96f64416d082b58466e7
d914558b5eac818eaa8d95b6ac3676b59a8572781e7d522f86a7b490269598ed
db2ea94d8edd890b71a3ffc47fe3df33fe458735281288158781351df7d7cef0
dbde7d1345478941e2b6a09258b0ed0364335a8df9f10a8391cca51939f82a59
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
ddb685b622cac9ab8432d724b6000c245e3ca6befeb11bea978d7c50f225c0a1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1c75b45e339eb49ba1e87b229acf628ccdd639b5539f77664954d7a446e1d7e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e8a3d35675548b0b291a7fab3d95bbade8afcc6a611b4a6b2fee7d639a4928
e8b2f743536510b5740cd80b34ca14ec31974d75bd536575e79274986287d6e1
e9c73531083ffaa8fab5de4c81d032633515bd0f8276e5034321b6493c0d8063
eb4383fbed4e42bec183d5c8578bad85e74e8a73a858c300139018b3614c04d1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff6499bb174512e9fb9c0633a3c9564fb985cf007ad1a2799ec5d798615c573
f5be7236932c3dc1edeb5aca9d7d4bfd3e755373ef80b35a665c5536a5d54e8e
f76967df0dc01a5d88d37d63d8f85719fe3a363ca478284a4eb98e1e99a330fc
fb2540246358994d92bf24fbf99b2101038296fc32369d942585e67a8c989d73
fe9ac741d43461b9e34f51b8fe406782586755895095b715b2b0db10ed06789b
ff3d599f7e0b8644f34ce5e892504690e9122882cfb68ec7b2c63768023e0d61

www.newsha.de Open in urlscan Pro 37.157.250.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

199 Requests

93 %HTTPS

31 %IPv6

50 Domains

62 Subdomains

61 IPs

8 Countries

13049 kBTransfer

19555 kBSize

63 Cookies

16 Outgoing links

Page URL History

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.newsha.de Open in urlscan Pro
37.157.250.10 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

93 %
HTTPS

31 %
IPv6

50
Domains

62
Subdomains

61
IPs

8
Countries

13049 kB
Transfer

19555 kB
Size

63
Cookies

199 HTTP transactions
4 data transactions