urlscan.io logo urlscan.io
SecurityTrails logo

www.newsmax.com Open in urlscan Pro
2a02:26f0:1700:11::b856:679c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/3UiGrmZ
Effective URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Submission: On September 25 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 106 IPs in 9 countries across 81 domains to perform 404 HTTP transactions. The main IP is 2a02:26f0:1700:11::b856:679c, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.newsmax.com. The Cisco Umbrella rank of the primary domain is 38144.
TLS certificate: Issued by R3 on September 8th 2022. Valid for: 3 months.
This is the only time www.newsmax.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-CL...)
49 2a02:26f0:170... 20940 (AKAMAI-ASN1)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
7 104.75.88.126 16625 (AKAMAI-AS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 52.55.141.237 14618 (AMAZON-AES)
2 93.184.220.66 15133 (EDGECAST)
2 2a02:26f0:170... 20940 (AKAMAI-ASN1)
9 2a00:1450:400... 15169 (GOOGLE)
1 3 13.32.121.17 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
8 2a00:1450:400... 15169 (GOOGLE)
1 142.250.201.194 15169 (GOOGLE)
2 2620:116:800d... 16509 (AMAZON-02)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 2600:9000:223... 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
1 5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 45.133.44.4 39572 (ADVANCEDH...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 23.35.237.151 16625 (AKAMAI-AS)
12 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 44.206.182.6 14618 (AMAZON-AES)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 35.168.71.120 14618 (AMAZON-AES)
4 2a03:2880:f10... 32934 (FACEBOOK)
1 24 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a06:8640:764::2 55081 (24SHELLS)
2 213.19.147.42 3356 (LEVEL3)
29 3.126.109.121 16509 (AMAZON-02)
1 216.52.2.48 32475 (SINGLEHOP...)
1 185.64.190.77 62713 (AS-PUBMATIC)
1 5 185.89.210.153 29990 (ASN-APPNEX)
1 198.148.27.134 19189 (PULSEPOINT)
6 34.149.20.76 15169 (GOOGLE)
1 69.166.1.14 27630 (AS-XFERNET)
6 2602:803:c003... 26667 (RUBICONPR...)
3 34.98.64.218 15169 (GOOGLE)
2 51.38.120.206 16276 (OVH)
1 178.250.0.165 44788 (ASN-CRITE...)
1 4 104.18.18.126 13335 (CLOUDFLAR...)
1 104.244.42.8 13414 (TWITTER)
1 151.139.128.11 20446 (STACKPATH...)
2 108.128.210.64 16509 (AMAZON-02)
2 2.18.68.199 16625 (AKAMAI-AS)
2 6 54.198.172.131 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 96.16.134.193 16625 (AKAMAI-AS)
4 54.194.226.232 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
9 2a00:1450:400... 15169 (GOOGLE)
1 1 185.29.132.241 30419 (MEDIAMATH...)
4 15.197.193.217 16509 (AMAZON-02)
4 4 3.127.193.182 16509 (AMAZON-02)
1 1 141.95.171.142 16276 (OVH)
2 2 141.94.171.215 16276 (OVH)
2 3 52.213.127.205 16509 (AMAZON-02)
2 2 52.209.70.49 16509 (AMAZON-02)
1 2 2.20.72.167 16625 (AKAMAI-AS)
1 2a04:4e42:400... 54113 (FASTLY)
1 1 64.202.112.223 22075 (AS-OUTBRAIN)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
4 2a02:26f0:10e... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
3 6 2a02:2638::1c 44788 (ASN-CRITE...)
5 178.250.0.157 44788 (ASN-CRITE...)
1 151.101.130.137 54113 (FASTLY)
1 216.238.156.11 19844 (SBA-EDGE-JAX)
9 104.103.72.203 20940 (AKAMAI-ASN1)
1 162.247.241.14 23467 (NEWRELIC-...)
1 34.102.146.192 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 2 184.25.50.51 20940 (AKAMAI-ASN1)
1 1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 141.95.98.65 16276 (OVH)
1 67.202.105.22 32748 (STEADFAST)
1 2.18.68.247 16625 (AKAMAI-AS)
1 2.18.68.187 16625 (AKAMAI-AS)
1 2 198.148.27.139 19189 (PULSEPOINT)
2 23.205.235.133 16625 (AKAMAI-AS)
1 198.47.127.19 62713 (AS-PUBMATIC)
4 4 69.173.144.165 26667 (RUBICONPR...)
3 5 172.217.18.2 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
3 5 52.46.130.91 16509 (AMAZON-02)
2 4 69.173.144.139 26667 (RUBICONPR...)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
2 3 52.94.223.167 16509 (AMAZON-02)
1 5 104.18.19.126 13335 (CLOUDFLAR...)
2 2 18.156.0.31 16509 (AMAZON-02)
2 2 18.157.92.103 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 2606:4700::68... 13335 (CLOUDFLAR...)
404 106
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
49    2a02:26f0:1700:11::b856:679c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.newsmax.com
6    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
12    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
3    2606:4700:20::ac43:497c (United States)

ASN13335 (CLOUDFLARENET, US)
www.queryly.com
7    104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
api-public.addthis.com
3    2606:4700::6812:dc2 (United States)

ASN13335 (CLOUDFLARENET, US)
proxy.beyondwords.io
audio.beyondwords.io
3    2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    52.55.141.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-141-237.compute-1.amazonaws.com
soapps.net
2    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2a02:26f0:1700:388::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
0217991c.akstat.io
9    2a00:1450:400d:80a::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net
sb.scorecardresearch.com
10    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
encrypted-tbn1.gstatic.com
6    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a02:26f0:7100:59a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
8    2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.201.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net
www.googleadservices.com
2    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
3    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2600:9000:223c:3000:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
4    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
2    2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
1    2600:9000:223c:2400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
5    2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:400d:80c::2006 (Ireland)

ASN15169 (GOOGLE, US)
static.doubleclick.net
s0.2mdn.net
4    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
8    2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:801::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
2    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2600:9000:223d:cc00:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)
pxl.qccerttest.com
1    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
z.moatads.com
12    2a02:26f0:dc::6853:538 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
amp.akamaized.net
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2600:9000:223d:9c00:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
product.instiengage.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    44.206.182.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-182-6.compute-1.amazonaws.com
static.newsmaxfeednetwork.com
1    2600:1f18:730:b140:d4dd:8728:eb33:a60d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    35.168.71.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-71-120.compute-1.amazonaws.com
rp4.liadm.com
4    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
24    2606:4700::6812:cc2 (United States)

ASN13335 (CLOUDFLARENET, US)
app.beyondwords.io
audio.beyondwords.io
proxy.beyondwords.io
metrics.beyondwords.io
3    2a06:8640:764::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
2    213.19.147.42 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
targeting.unrulymedia.com
29    3.126.109.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    185.64.190.77 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    198.148.27.134 (New York, United States)

ASN19189 (PULSEPOINT, US)
bid.contextweb.com
6    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    69.166.1.14 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
6    2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
os4m-d.openx.net
google-bidout-d.openx.net
u.openx.net
2    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
4    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
assets.newsmaxwidget.com
2    108.128.210.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-210-64.eu-west-1.compute.amazonaws.com
trends.newsmaxwidget.com
2    2.18.68.199 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-68-199.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    54.198.172.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-172-131.compute-1.amazonaws.com
i.liadm.com
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    96.16.134.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-134-193.deploy.static.akamaitechnologies.com
79423.analytics.edgekey.net
4    54.194.226.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
yeet.revcontent.com
1    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
9    2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
pubads.g.doubleclick.net
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    3.127.193.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-193-182.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    141.95.171.142 (France)

ASN16276 (OVH, FR)
PTR: bixel-8.cloudy.ovh
green.erne.co
2    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel-eu.onaudience.com
3    52.213.127.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
id.crwdcntrl.net
2    52.209.70.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-70-49.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    2.20.72.167 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-72-167.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    64.202.112.223 (Lovettsville, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    2600:1f18:ed:550e:da96:e3d4:ff6d:c616 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
4    2a02:26f0:10e:29e::aa5 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
ma1540-r.analytics.edgekey.net
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
cdn.ampproject.org
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
6    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
5    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    216.238.156.11 (Jacksonville, United States)

ASN19844 (SBA-EDGE-JAX, US)
ipapi.optiryte.com
9    104.103.72.203 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-103-72-203.deploy.static.akamaitechnologies.com
nmxlive.akamaized.net
1    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
15    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    184.25.50.51 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-25-50-51.deploy.static.akamaitechnologies.com
trial-eum-clientnsv4-s.akamaihd.net
3fznue5ydezdgyzqq5sq-peupts-f81876dd1-clientnsv4-s.akamaihd.net
1    2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
trial-eum-clienttons-s.akamaihd.net
1    2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
eaarwyaaaibeakqce3ydkaaaczrtbb3f-peupts-27a414a5b-clienttons-s.akamaihd.net
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
3    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
2    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
1    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    2.18.68.247 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-68-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
1    2.18.68.187 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-68-187.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
5    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
cm.g.doubleclick.net
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2a05:d018:d29:3601:ebd:fba0:5325:a4e6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
5    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    18.157.92.103 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-92-103.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    2606:4700::6812:c4c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
Apex Domain
Subdomains		 Transfer
49 newsmax.com
www.newsmax.com — Cisco Umbrella Rank: 38144
538 KB
29 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 991
4 KB
27 beyondwords.io
proxy.beyondwords.io — Cisco Umbrella Rank: 43360
app.beyondwords.io — Cisco Umbrella Rank: 90249
audio.beyondwords.io — Cisco Umbrella Rank: 13009
metrics.beyondwords.io — Cisco Umbrella Rank: 14001
122 KB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
239 KB
22 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
static.doubleclick.net — Cisco Umbrella Rank: 340
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
pubads.g.doubleclick.net — Cisco Umbrella Rank: 437
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
230 KB
21 akamaized.net
amp.akamaized.net — Cisco Umbrella Rank: 7959
nmxlive.akamaized.net — Cisco Umbrella Rank: 64580
2 MB
21 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2282
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 75
63 KB
16 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
eus.rubiconproject.com — Cisco Umbrella Rank: 564
token.rubiconproject.com — Cisco Umbrella Rank: 667
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
20 KB
14 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
208 KB
12 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 761
gum.criteo.com — Cisco Umbrella Rank: 406
mug.criteo.com — Cisco Umbrella Rank: 2876
10 KB
11 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3340
rp.liadm.com — Cisco Umbrella Rank: 1667
rp4.liadm.com — Cisco Umbrella Rank: 7652
i.liadm.com — Cisco Umbrella Rank: 604
i6.liadm.com — Cisco Umbrella Rank: 2194
22 KB
9 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
8 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
798 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
199 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
jnn-pa.googleapis.com — Cisco Umbrella Rank: 273
imasdk.googleapis.com — Cisco Umbrella Rank: 424
366 KB
8 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1232
6 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
39 KB
8 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1571
m.addthis.com — Cisco Umbrella Rank: 1521
api-public.addthis.com — Cisco Umbrella Rank: 4277
x.dlx.addthis.com — Cisco Umbrella Rank: 1196
219 KB
7 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1513
ssc-cms.33across.com — Cisco Umbrella Rank: 920
1 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
acdn.adnxs.com — Cisco Umbrella Rank: 611
21 KB
6 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
111 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 359
109 KB
5 edgekey.net
79423.analytics.edgekey.net — Cisco Umbrella Rank: 9393
ma1540-r.analytics.edgekey.net — Cisco Umbrella Rank: 57637
320 KB
5 openx.net
os4m-d.openx.net — Cisco Umbrella Rank: 28996
oajs.openx.net — Cisco Umbrella Rank: 3068
google-bidout-d.openx.net — Cisco Umbrella Rank: 2960
u.openx.net — Cisco Umbrella Rank: 650
992 B
5 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 5896
ghb.adtelligent.com — Cisco Umbrella Rank: 5717
31 KB
4 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
2 KB
4 akamaihd.net
trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 1861
3fznue5ydezdgyzqq5sq-peupts-f81876dd1-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 1857
eaarwyaaaibeakqce3ydkaaaczrtbb3f-peupts-27a414a5b-clienttons-s.akamaihd.net
1 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 301
2 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
1 KB
4 revcontent.com
yeet.revcontent.com — Cisco Umbrella Rank: 7533
4 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433
ads.pubmatic.com — Cisco Umbrella Rank: 462
image6.pubmatic.com — Cisco Umbrella Rank: 648
67 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
252 B
4 google.de
www.google.de — Cisco Umbrella Rank: 6352
adservice.google.de — Cisco Umbrella Rank: 9081
1 KB
4 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3387
onesignal.com — Cisco Umbrella Rank: 1231
82 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 725
id.crwdcntrl.net — Cisco Umbrella Rank: 1389
1 KB
3 newsmaxwidget.com
assets.newsmaxwidget.com — Cisco Umbrella Rank: 66641
trends.newsmaxwidget.com — Cisco Umbrella Rank: 62727
49 KB
3 contextweb.com
bid.contextweb.com — Cisco Umbrella Rank: 2643
bh.contextweb.com — Cisco Umbrella Rank: 524
832 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
195 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 153
2 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 714
syndication.twitter.com — Cisco Umbrella Rank: 995
133 KB
3 queryly.com
www.queryly.com — Cisco Umbrella Rank: 10360
14 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 739
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 615
cdn.indexww.com — Cisco Umbrella Rank: 1381
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
57 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
2 KB
2 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 13090
1015 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 754
362 B
2 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 831
163 B
2 adtcdn.com
player.adtcdn.com — Cisco Umbrella Rank: 30719
111 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 905
pixel.quantserve.com — Cisco Umbrella Rank: 423
11 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1280
c.go-mpulse.net — Cisco Umbrella Rank: 599
51 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 728
759 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 742
425 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
708 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 463
625 B
1 akstat.io
0217991c.akstat.io
202 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3109
8 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 215
611 B
1 optiryte.com
ipapi.optiryte.com — Cisco Umbrella Rank: 63629
563 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 326
14 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
16 KB
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 568
291 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 697
378 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 18750
342 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
676 B
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4241
17 KB
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1504
775 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 597
653 B
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1765
900 B
1 newsmaxfeednetwork.com
static.newsmaxfeednetwork.com — Cisco Umbrella Rank: 64926
1 KB
1 instiengage.com
product.instiengage.com — Cisco Umbrella Rank: 19930
5 KB
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 403
1 KB
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 983
551 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 117
85 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 232
3 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 846
682 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 128
16 KB
1 soapps.net
soapps.net — Cisco Umbrella Rank: 47168
9 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
28 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 5004
263 B
0 rlcdn.com Failed
api.rlcdn.com Failed
404 81
Domain Requested by
49 www.newsmax.com www.newsmax.com
29 btlr.sharethrough.com player.adtcdn.com
17 proxy.beyondwords.io www.newsmax.com
proxy.beyondwords.io
15 tpc.googlesyndication.com www.newsmax.com
securepubads.g.doubleclick.net
10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
tpc.googlesyndication.com
12 amp.akamaized.net www.newsmax.com
amp.akamaized.net
12 fundingchoicesmessages.google.com www.newsmax.com
9 nmxlive.akamaized.net amp.akamaized.net
9 www.youtube.com www.newsmax.com
www.youtube.com
9 www.googletagmanager.com www.newsmax.com
audio.beyondwords.io
www.googletagmanager.com
8 www.google.com 1 redirects www.youtube.com
www.newsmax.com
tpc.googlesyndication.com
10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
8 www.google-analytics.com www.googletagmanager.com
www.newsmax.com
www.google-analytics.com
audio.beyondwords.io
6 gum.criteo.com 3 redirects static.criteo.net
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 i.liadm.com 2 redirects b-code.liadm.com
i.liadm.com
6 fastlane.rubiconproject.com player.adtcdn.com
6 ssc.33across.com player.adtcdn.com
6 audio.beyondwords.io www.newsmax.com
proxy.beyondwords.io
browser.sentry-cdn.com
6 securepubads.g.doubleclick.net www.googletagservices.com
www.newsmax.com
securepubads.g.doubleclick.net
6 fonts.gstatic.com www.youtube.com
fonts.googleapis.com
6 cdnjs.cloudflare.com www.newsmax.com
cdnjs.cloudflare.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
5 cm.g.doubleclick.net 3 redirects
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 mug.criteo.com
5 ib.adnxs.com 1 redirects player.adtcdn.com
acdn.adnxs.com
5 googleads.g.doubleclick.net 1 redirects www.youtube.com
www.googleadservices.com
10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
4 pixel.rubiconproject.com 2 redirects
4 token.rubiconproject.com 4 redirects
4 ma1540-r.analytics.edgekey.net 79423.analytics.edgekey.net
4 x.bidswitch.net 4 redirects
4 match.adsrvr.org i.liadm.com
ads.pubmatic.com
ssum-sec.casalemedia.com
4 yeet.revcontent.com assets.newsmaxwidget.com
4 www.facebook.com www.newsmax.com
4 jnn-pa.googleapis.com www.youtube.com
4 s7.addthis.com www.newsmax.com
s7.addthis.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 encrypted-tbn3.gstatic.com 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 ghb.adtelligent.com player.adtelligent.com
3 www.google.de www.newsmax.com
3 connect.facebook.net www.newsmax.com
connect.facebook.net
3 sb.scorecardresearch.com 1 redirects www.newsmax.com
3 fonts.googleapis.com www.newsmax.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 www.queryly.com www.newsmax.com
2 pm.w55c.net 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
2 eus.rubiconproject.com player.adtcdn.com
eus.rubiconproject.com
2 bh.contextweb.com 1 redirects player.adtcdn.com
2 encrypted-tbn0.gstatic.com 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
2 oajs.openx.net 1 redirects
2 static.criteo.net player.adtcdn.com
static.criteo.net
2 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 metrics.beyondwords.io browser.sentry-cdn.com
2 x.dlx.addthis.com 1 redirects i.liadm.com
2 dpm.demdex.net 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 pixel-eu.onaudience.com 2 redirects
2 imasdk.googleapis.com amp.akamaized.net
imasdk.googleapis.com
2 ads.pubmatic.com assets.newsmaxwidget.com
player.adtcdn.com
2 trends.newsmaxwidget.com www.newsmax.com
assets.newsmaxwidget.com
2 onetag-sys.com player.adtcdn.com
2 targeting.unrulymedia.com player.adtcdn.com
2 onesignal.com cdn.onesignal.com
2 app.beyondwords.io 1 redirects
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 stats.g.doubleclick.net www.google-analytics.com
2 player.adtelligent.com player.adtcdn.com
2 player.adtcdn.com www.newsmax.com
2 cdn.onesignal.com www.googletagmanager.com
cdn.onesignal.com
2 b-code.liadm.com www.googletagmanager.com
b-code.liadm.com
2 platform.twitter.com www.newsmax.com
platform.twitter.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 ad.turn.com 1 redirects
1 px.ads.linkedin.com
1 image6.pubmatic.com ads.pubmatic.com
1 acdn.adnxs.com player.adtcdn.com
1 js-sec.indexww.com player.adtcdn.com
1 ssc-cms.33across.com player.adtcdn.com
1 u.openx.net player.adtcdn.com
1 id5-sync.com player.adtcdn.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 0217991c.akstat.io s.go-mpulse.net
1 encrypted-tbn1.gstatic.com 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
1 eaarwyaaaibeakqce3ydkaaaczrtbb3f-peupts-27a414a5b-clienttons-s.akamaihd.net
1 trial-eum-clienttons-s.akamaihd.net 1 redirects
1 3fznue5ydezdgyzqq5sq-peupts-f81876dd1-clientnsv4-s.akamaihd.net
1 trial-eum-clientnsv4-s.akamaihd.net 1 redirects
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 bam.nr-data.net js-agent.newrelic.com
1 ipapi.optiryte.com www.newsmax.com
1 js-agent.newrelic.com www.newsmax.com
1 id.crwdcntrl.net ads.pubmatic.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 s0.2mdn.net imasdk.googleapis.com
1 i6.liadm.com i.liadm.com
1 b1sync.zemanta.com 1 redirects
1 trc.taboola.com i.liadm.com
1 green.erne.co 1 redirects
1 sync.mathtag.com 1 redirects
1 browser.sentry-cdn.com audio.beyondwords.io
1 79423.analytics.edgekey.net amp.akamaized.net
1 assets.newsmaxwidget.com static.newsmaxfeednetwork.com
1 api-public.addthis.com s7.addthis.com
1 syndication.twitter.com platform.twitter.com
1 htlb.casalemedia.com player.adtcdn.com
1 bidder.criteo.com player.adtcdn.com
1 os4m-d.openx.net player.adtcdn.com
1 apex.go.sonobi.com player.adtcdn.com
1 bid.contextweb.com player.adtcdn.com
1 hbopenbid.pubmatic.com player.adtcdn.com
1 ap.lijit.com player.adtcdn.com
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 rp4.liadm.com www.newsmax.com
1 rp.liadm.com 1 redirects
1 static.newsmaxfeednetwork.com www.newsmax.com
1 product.instiengage.com soapps.net
1 z.moatads.com s7.addthis.com
1 pixel.quantserve.com www.newsmax.com
1 pxl.qccerttest.com www.newsmax.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 c.go-mpulse.net s.go-mpulse.net
1 s.go-mpulse.net www.newsmax.com
1 soapps.net www.newsmax.com
1 www.googletagservices.com www.newsmax.com
1 bit.ly 1 redirects
0 api.rlcdn.com Failed ads.pubmatic.com
404 137
Subject Issuer Validity Valid
www.newsmax.com
R3		 2022-09-08 -
2022-12-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.beyondwords.io
E1		 2022-08-06 -
2022-11-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.soapps.net
Sectigo RSA Organization Validation Secure Server CA		 2022-01-13 -
2023-01-22		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
akstat.io
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-15 -
2023-04-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-05 -
2022-10-03		 3 months crt.sh
*.liadm.com
Amazon		 2022-01-31 -
2023-03-01		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
player.adtelligent.com
R3		 2022-09-18 -
2022-12-17		 3 months crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2022-05-24 -
2023-05-24		 a year crt.sh
newsmaxfeednetwork.com
Amazon		 2022-07-26 -
2023-08-24		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-08-05 -
2022-11-03		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-09-14 -
2022-12-13		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
assets.newsmaxwidget.com
R3		 2022-09-18 -
2022-12-17		 3 months crt.sh
newsmaxwidget.com
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
*.analytics.edgekey.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-14		 a year crt.sh
revcontent.com
Amazon		 2022-06-16 -
2023-07-16		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-11-26 -
2022-12-28		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
ipapi.optiryte.com
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-08-09 -
2022-11-07		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh

This page contains 28 frames:

Primary Page: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Frame ID: E7D03CC341A57A82276ED9577A335C37
Requests: 250 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ZE6BULZwwRw
Frame ID: 831813A37A4E6EAE6B13B21ED33A84EE
Requests: 20 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 666BB00B6BFF5F697BF9F32A8B584218
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 1DDE19C060C5FE7D216158C1CE4C854D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fwww.newsmax.com
Frame ID: B6A012D3621E8F4BA967E044704CC53E
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: CCB92E21C66D5463FFAFFCD31BE07B49
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01gdts1n9nbjeccsjg33v44bv0&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 810E0E7078E6C40EEE2B48DF06ED6F4F
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4C9F7CA170384B1F410BB699E00789B1
Requests: 1 HTTP requests in this frame

Frame: https://audio.beyondwords.io/e/5141405
Frame ID: 7C49B411A0536B6B19942F430313D2CF
Requests: 31 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Frame ID: A25AAA86EB952813F634143BBEC23CC7
Requests: 5 HTTP requests in this frame

Frame: https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D433CE24F796654E265DD5D3A588E3D2
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.newsmax.com
Frame ID: 06C7AC8D182B2AF847669D561AA9B9EB
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Frame ID: 943E08167FFA4F4125BAE48A49EBD2F3
Requests: 16 HTTP requests in this frame

Frame: https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 64951C23842A6F6A0646B6ABA2D511C4
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/index.html
Frame ID: 7DC04860B9E776C680D774FDC472EDF2
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9F5BBFDEF520052F3FE372F50305DC59
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D151FC176AAFF160D9434F08A2A09E1A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D025DD9B0B89137B057B0321DB70D490
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: EDDB3FAD41A2CC3FF130BF84F8619B09
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Frame ID: 944FF24E8A85DA248A5E6FB6E5582D3D
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: D9F3F92032B6EE4B8A47C388EC0818E5
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=c-2cfImqCr7ikOaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 968AD0070CD5C7664304FF9739F84960
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8E957508BF670D498F78675C2F3D82FB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4E00F715AAB4CCC4F76709EAC01389BE
Requests: 3 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?reat=1
Frame ID: 08E1202E69AF2253AFFEF52C7FFAA035
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1664124770134
Frame ID: E6BB7E1E99127FD80056EA547630B29C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A2E8F4442AB2B13283ED57B5C6439C6B
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 5E9A23453D4B057E2686D61B2587F514
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Trump: 'Thugs, Tyrants' Awakened a 'Sleeping Giant' | Newsmax.com FacebookTwitterLinkedInCopy Link

Page URL History Show full URLs

  1. https://bit.ly/3UiGrmZ HTTP 301
    https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /CMSPages/GetResource\.ashx
Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • backbone.*\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

404
Requests

91 %
HTTPS

48 %
IPv6

81
Domains

137
Subdomains

106
IPs

9
Countries

7083 kB
Transfer

16269 kB
Size

86
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3UiGrmZ HTTP 301
    https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://sb.scorecardresearch.com/cs/9248945/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 78
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 111
  • https://rp.liadm.com/j?dtstmp=1664124769790&aid=a-026z&se=e30&duid=cd49d5059397--01gdts1n9nbjeccsjg33v44bv0&tna=v2.4.2&pu=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&wpn=lc-bundle&c=PHRpdGxlPgoJVHJ1bXA6ICdUaHVncywgVHlyYW50cycgQXdha2VuZWQgYSAnU2xlZXBpbmcgR2lhbnQnIHwgTmV3c21heC5jb20KPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVGhlICB0aHVncyBhbmQgdHlyYW50cyAgYXR0YWNraW5nIHRoZSBNQUdBIG1vdmVtZW50IGhhdmUgYXdha2VuZWQgYSAgc2xlZXBpbmcgZ2lhbnQsICBmb3JtZXIgUHJlc2lkZW50IERvbmFsZCBUcnVtcCBzYWlkIGR1cmluZyBoaXMgU2F2ZSBBbWVyaWNhIHJhbGx5IGluIFlvdW5nc3Rvd24sIE9oaW8sIG9uIFNhdHVyZGF5IG5pZ2h0LiI- HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1664124769790&aid=a-026z&se=e30&duid=cd49d5059397--01gdts1n9nbjeccsjg33v44bv0&tna=v2.4.2&pu=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&wpn=lc-bundle&c=PHRpdGxlPgoJVHJ1bXA6ICdUaHVncywgVHlyYW50cycgQXdha2VuZWQgYSAnU2xlZXBpbmcgR2lhbnQnIHwgTmV3c21heC5jb20KPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVGhlICB0aHVncyBhbmQgdHlyYW50cyAgYXR0YWNraW5nIHRoZSBNQUdBIG1vdmVtZW50IGhhdmUgYXdha2VuZWQgYSAgc2xlZXBpbmcgZ2lhbnQsICBmb3JtZXIgUHJlc2lkZW50IERvbmFsZCBUcnVtcCBzYWlkIGR1cmluZyBoaXMgU2F2ZSBBbWVyaWNhIHJhbGx5IGluIFlvdW5nc3Rvd24sIE9oaW8sIG9uIFNhdHVyZGF5IG5pZ2h0LiI-&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEx&n3pc=true
Request Chain 123
  • https://app.beyondwords.io/api/v2/projects/15943/podcasts/iframe.html HTTP 302
  • https://audio.beyondwords.io/r/15943
Request Chain 228
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-026z%2F0%2Fc81588e1b55f415ea3e11a5d29eaf374%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&75f180be-dd61-4db0-a4ee-5c06ce3ac0e4 HTTP 302
  • https://i.liadm.com/s/e/a-026z/0/c81588e1b55f415ea3e11a5d29eaf374?mpid=7156&muid=8e6f6330-8763-4a00-9cae-d353eadd48d8
Request Chain 230
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=75f180be-dd61-4db0-a4ee-5c06ce3ac0e4&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=75f180be-dd61-4db0-a4ee-5c06ce3ac0e4&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=f92e2c29-b3d0-4ca3-8215-9a4a3292749f HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=75f180be-dd61-4db0-a4ee-5c06ce3ac0e4 HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=liveintent&gdpr=&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=273&smartmap=1&gdpr=&gdpr_consent=&redirect=x.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3D%25_rid%26ssp%3Dliveintent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=70d7ab68a8b84f3c/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D270%2526expires%253D10%2526user_id%253D7GPoEAlsTaQTghUSgShSWMYj%2526ssp%253Dliveintent HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=70d7ab68a8b84f3c/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D270%2526expires%253D10%2526user_id%253D7GPoEAlsTaQTghUSgShSWMYj%2526ssp%253Dliveintent HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3D7GPoEAlsTaQTghUSgShSWMYj%26ssp%3Dliveintent HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=7GPoEAlsTaQTghUSgShSWMYj&ssp=liveintent HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=f92e2c29-b3d0-4ca3-8215-9a4a3292749f
Request Chain 231
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=75f180be-dd61-4db0-a4ee-5c06ce3ac0e4&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-026z%2F0%2Fc81588e1b55f415ea3e11a5d29eaf374%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=75f180be-dd61-4db0-a4ee-5c06ce3ac0e4&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-026z%2F0%2Fc81588e1b55f415ea3e11a5d29eaf374%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
  • https://i.liadm.com/s/e/a-026z/0/c81588e1b55f415ea3e11a5d29eaf374?mpid=82775&muid=13370628435354752492785162985303783267
Request Chain 232
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=75f180be-dd61-4db0-a4ee-5c06ce3ac0e4 HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=75f180be-dd61-4db0-a4ee-5c06ce3ac0e4&rd=Y
Request Chain 234
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid= HTTP 303
  • https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Request Chain 291
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.newsmax.com%2F&domain=www.newsmax.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ip7xVnxkbTlHRzFHVjRXWnQ1TWZoUHNieVlnbWVBUkFVL3hPT0VCU3B4WHdkeVQ3US9LMGptVFhUTzBVK0t1dklERFRLL3dnbGRKK0tzYlhac212Nko0cXJnMTR2TWpoMDVudlY5SEN2T3lCUllBem5tUVZOMDVreEZUWThpa0xqVFAwL0J0MlVjakNldXV3ZzM1ZFI4ai9YN0ZMRlVkeU5PZXBnTEZtUHppc1QwQ1NTcnB4c1pUU1hMOWx0YnZlZEdlVTFaVkQ1OHpIa29uRHAza21yZ0JWRkMyU2VBTVRYQ2tGbzNZNElEZEVqV01wUVMvbHFwcEVldTFVUjFrYzRUMlg4fA&cppv=2
Request Chain 324
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=newsmax.com&sn=ChromeSyncframe&so=0&topUrl=www.newsmax.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=PJa7cXw0dU4rS0JjT1ZmZDROZUgxd2MySW5WaUdoOGRncWJ3MEloRHFMaUo0WmZZN2RDYTZnRjNBQjhsU0VvUXVxVEFVTFcrdnlaNitBaEZTM2ZpOWpjVnFBajRZeXFkeGcrZm5tT0dkLy9KMmU0VHZBYXloVWNpcjZpcG43L1FiQjdxeGQ4VG9NbUZFclB5NmQ5aXl0RHdBMUppY1JQYVZyMFpvRkJLWGdsZW91dUcwajFPdDdTYkJLdTNvb01BVDVuM1pBd3B5akY2dDdtZ1B5aTE2WDNGd2lLbDdqNDMya1puWjNjSHltWm5jbVp6RUtGbk1LYWtTL1FPTEU3eTVZYm9VVUs3eEZnUTFBSUlpSjg0N1JoNm1Ldz09fA&cppv=2
Request Chain 328
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=peupts8g5 HTTP 302
  • https://3fznue5ydezdgyzqq5sq-peupts-f81876dd1-clientnsv4-s.akamaihd.net/eum/results.txt
Request Chain 329
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=peupts8g5 HTTP 302
  • https://eaarwyaaaibeakqce3ydkaaaczrtbb3f-peupts-27a414a5b-clienttons-s.akamaihd.net/eum/results.txt
Request Chain 337
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&rid=esp&cc=1
Request Chain 347
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 375
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.newsmax.com%2F&domain=www.newsmax.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=lBt0_Xxod0NwWnBxSWVQMWk5UFFncUViekQxcFI0ejlEd1VNbXU2MlA1V3FFbTByQzFGTjFRYm1FTUtRQWZyUTZMc3NseSs5ZzE0b3NIUnpOQ2lVeWJlRlZhN05rNno3QnlxYkh1c0ZkbmFjWnlZbXV3VldVaUVmdmEwaEJtdCtMVHdYeUN5Q0twd3BwVmZwdFYxUGc1blY3VWV0ZkI4YlIwdzNaa3Myd0swczFyTjRlRExFSHNDeG9Zazk2WUFnWVJYdG1mQ0FWSURTTHJyRGRvbmUydjErUGZjdHVoM0xhTTdtNzlZMnhNY3pZdFBDbWc4K1NhYjVTclYxRjdGWjQySHJlblA5RGF2QjdpS1lOZTNOKzlkNlJFOSsxTFJPcHZTTjNBZks0dmQ2MHRqRT18&cppv=2
Request Chain 382
  • https://bh.contextweb.com/visitormatch HTTP 302
  • https://bh.contextweb.com/visitormatch?reat=1
Request Chain 388
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 389
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 390
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhIS1g2TU4tRS1BQkpS
Request Chain 391
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGY2YWExOWZhY2NiMTgyMGI5Mzc1ZWVhN2VjMjM2YzVhMWQzNDc0NA
Request Chain 392
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8HKX6MN-E-ABJR
Request Chain 394
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=It-L2XJoQfuKT6MGcUDKTw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=It-L2XJoQfuKT6MGcUDKTw
Request Chain 395
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/pyQ4OjhrAd5umvC197bNUQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2743714255978199394
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKF1E6XG-afSX4q-bQiUI0I&google_cver=1
Request Chain 397
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Ve59NM-tTsSLL0DGfO_b0w&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Ve59NM-tTsSLL0DGfO_b0w
Request Chain 398
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YzCHZ1kOANs1r54PNeBvMwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKL8l9pTzj4clErY6sxPitg&google_cver=1
Request Chain 400
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzCHZ1kOANs1r54PNeBvMwAABLoAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzCHZ1kOANs1r54PNeBvMwAABLoAAAIB&dcc=t
Request Chain 401
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzCHZ1kOANs1r54PNeBvMwAABLoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKHOjK-hAN8upEpGaVoflb0&google_cver=1
Request Chain 402
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzCHZ1kOANs1r54PNeBvMwAABLoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzCHZ1kOANs1r54PNeBvMwAABLoAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YzCHZ1kOANs1r54PNeBvMwAABLoAAAIB
Request Chain 403
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=itTDGFeQ1OCuSb5
Request Chain 404
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4398413357986781188
Request Chain 405
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210821781762190

404 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Redirect Chain
  • https://bit.ly/3UiGrmZ
  • https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
205 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
976383215c7ae7404b7b6f795094d7c212d38f28fefec032f78a200a4d143daf
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 25 Sep 2022 16:52:48 GMT
expires
Sun, 25 Sep 2022 16:52:48 GMT
link
<https://cdnjs.cloudflare.com>;rel="preconnect",<https://www.queryly.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://b-code.liadm.com>;rel="preconnect",<https://platform.twitter.com>;rel="preconnect",<https://securepubads.g.doubleclick.net>;rel="preconnect",<https://sb.scorecardresearch.com>;rel="preconnect",<https://www.googletagservices.com>;rel="preconnect"
pragma
no-cache
server
Microsoft-IIS/10.0
server-timing
cdn-cache; desc=REVALIDATE edge; dur=153 origin; dur=243
strict-transport-security
max-age=0
vary
Accept-Encoding
x-akamai-transformed
9 69902 0 pmb=mTOE,4mRUM,2
x-aspnet-version
4.0.30319
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-ua-compatible
IE=Edge IE=edge

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
160
content-type
text/html; charset=utf-8
date
Sun, 25 Sep 2022 16:52:48 GMT
location
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
server
nginx
via
1.1 google
GetResource.ashx
www.newsmax.com/CMSPages/ 		0
380 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/CMSPages/GetResource.ashx?stylesheetname=Empty
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
etag
"cssstylesheet|1537f138-8154-43b1-9ffb-c35a6dda086c"
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
attachment; filename="Empty.css"
server-timing
cdn-cache; desc=HIT, edge; dur=60
content-length
0
x-ua-compatible
IE=edge
last-modified
Wed, 03 Aug 2022 18:58:40 GMT
server
Microsoft-IIS/10.0
date
Sun, 25 Sep 2022 16:52:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, must-revalidate, max-age=0
expires
Sun, 25 Sep 2022 16:52:48 GMT
newsmax.min.css
www.newsmax.com/css/ 		238 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/css/newsmax.min.css
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
824f4ca1a4d8e5d1bf711ba3923cf38a75916abb6e0af5e1e137852c108b7e83
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
etag
"6804aa0ebed81:0"
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
34839
x-ua-compatible
IE=edge
x-akamai-http2-push
1
last-modified
Thu, 01 Sep 2022 16:30:06 GMT
server
Akamai Resource Optimizer
date
Sun, 25 Sep 2022 16:52:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=163053
accept-ranges
bytes
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1178651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDqW0ozn0PpPPTtL97Lwzzum65rGyBJwghxM69aMTUR9WR0lc0rKWUhRnyRrPNnr57WeLtBVnsoCTTFfbVhkol%2Fla4UksdEcQnzaPQCj1GaJY1B8k54rggINzKbGHeM5rmKcR9bQa5sU5H9i7zXB8hyD"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
750545bd0ec76919-FRA
expires
Fri, 15 Sep 2023 16:52:48 GMT
jquery-3.2.1.min.js
www.newsmax.com/js/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/js/jquery-3.2.1.min.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
etag
"01f232a537dd51:0"
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
27226
x-ua-compatible
IE=edge
x-akamai-http2-push
1
last-modified
Wed, 07 Sep 2022 10:49:42 GMT
server
Akamai Resource Optimizer
date
Sun, 25 Sep 2022 16:52:48 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=458390
accept-ranges
bytes
jquery-migrate-3.0.0.min.js
www.newsmax.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/js/jquery-migrate-3.0.0.min.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
a44b5727bd453959ba8f2ae37fd2359272b730ada09e80fb2a5bbffd086ef075
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
etag
"01f232a537dd51:0"
last-modified
Fri, 16 Sep 2022 01:56:20 GMT
server
Akamai Resource Optimizer
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=298637
date
Sun, 25 Sep 2022 16:52:48 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
2378
x-ua-compatible
IE=edge
jquery-ui-1.12.1.min.js
www.newsmax.com/js/ 		248 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/js/jquery-ui-1.12.1.min.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
21cacca8e9eb98f1f32702b4176685f2f941af51ab5bc7cf88ccb5435a1bb080
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
etag
"01f232a537dd51:0"
last-modified
Mon, 19 Sep 2022 18:47:03 GMT
server
Akamai Resource Optimizer
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=93296
date
Sun, 25 Sep 2022 16:52:48 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
57146
x-ua-compatible
IE=edge
SponsoredHeadline.js
www.newsmax.com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/js/SponsoredHeadline.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
fd7b76263428d15a209bea5abba0c2c72b29cc6e84337eda19de82bc61d1a8e6
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
etag
"ccebc19780bbd71:0"
last-modified
Tue, 13 Sep 2022 21:04:25 GMT
server
Akamai Resource Optimizer
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=127460
date
Sun, 25 Sep 2022 16:52:49 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
845
x-ua-compatible
IE=edge
jquery.cookie.js
www.newsmax.com/CMSScripts/jquery/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/CMSScripts/jquery/jquery.cookie.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
afd6a5f6de40e9e67b55ff6afec66fff4827e775c996ab80c9e964a872a92523
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
etag
"0c5c027537dd51:0"
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1131
x-ua-compatible
IE=edge
x-akamai-http2-push
1
last-modified
Tue, 12 Jul 2022 08:59:23 GMT
server
Akamai Resource Optimizer
date
Sun, 25 Sep 2022 16:52:48 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=83920
accept-ranges
bytes
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9402331
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16919
timing-allow-origin
*
last-modified
Tue, 06 Oct 2020 12:01:40 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7c5ca4-e5ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZVrSAwQhMFMdfFJRbSVNqDYnwy1VC7By8nKogo%2F%2BsBYgDXDQP6djV7e0KBuRFZ%2F3CDYbXfNlZVt%2FI2gGfLseYfKdr5SW%2Fm7d5WxNa3FbW5e4VsONm6OSLVy6BaXwq7%2BaFraTqUQH9OqBXnpSKl%2FpnUD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
750545bd0ed16919-FRA
expires
Fri, 15 Sep 2023 16:52:48 GMT
HeaderScripts.js
www.newsmax.com/CMSScripts/Newsmax/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/CMSScripts/Newsmax/HeaderScripts.js?v=1.0
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
2f0dd8ca4aa9fb6b68aee8d9ec46d7c9a89c094c0c33d1c96158130e7a28440f
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
etag
"6c8f7fd76691d81:0"
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
2205
x-ua-compatible
IE=edge
x-akamai-http2-push
1
last-modified
Wed, 07 Sep 2022 21:34:24 GMT
server
Akamai Resource Optimizer
date
Sun, 25 Sep 2022 16:52:48 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=155186
accept-ranges
bytes
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
305077dee7fbda679e06c0f1414df9f1dde1253340dfa5fe263982423e2dc5eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27836
x-xss-protection
0
server
sffe
etag
"1344 / 727 of 1000 / last-modified: 1663970834"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 25 Sep 2022 16:52:49 GMT
jquery.colorbox-min.js
www.newsmax.com/CMSScripts/Newsmax/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/CMSScripts/Newsmax/jquery.colorbox-min.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
4cc3aa296e490c4345a5746b895a922cdead09f111a80b38a2d2ca97f19ab634
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
etag
"0c5c027537dd51:0"
last-modified
Thu, 22 Sep 2022 11:01:42 GMT
server
Akamai Resource Optimizer
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=324498
date
Sun, 25 Sep 2022 16:52:49 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
4199
x-ua-compatible
IE=edge
slick.min.js
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 		43 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
928950
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9564
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-ab69"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpX4Ya%2FUN55m0ppzb8S%2FnwHNIXYVTkDOU35xHDu8hFT0F0%2BTbziCNe0gbeIi1UHkrrTRyn%2BfeSmGWaDtGGXc7k5QJqbegUXwXQZaCI5k7PRMD2jctprG7pxDB51r9RdbKRho1PpP70xzMBCE3ziM14G%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
750545bd0ed36919-FRA
expires
Fri, 15 Sep 2023 16:52:48 GMT
slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 		2 KB
978 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6974718
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
657
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-956"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnO4eDPFvA2U3wTtY1hsWLhs72jhQE0SAZ6hgnTO1pm9kRon83k81I46dEzIDSS%2B4mbiDjnZpieX6N5ZbmFrhjFY%2FCXbMbf%2FA3qDlP2%2BxxGWi0V%2BH72TAeB1nSO5aKQuMopHGB1Eo8EtRot7BKIJcq%2Ft"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
750545bd0ecd6919-FRA
expires
Fri, 15 Sep 2023 16:52:48 GMT
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 		1 KB
719 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2852954
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
394
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-559"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSuMeRhIxdEv%2BeXPM0pcc%2B26VbktyciNZpj7xOxEUiCHLuOoy4wE0l9XhAv3K%2FeQZsEXfpuJvYV5TUxbBZ8%2BTyQo9%2FQ9sfqV2sB8%2BuKquW4g8wZ2MDg%2BqhPgweLAWSMX0zodKRT%2F3vtup3tbRqrxKsUC"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
750545bd0ed06919-FRA
expires
Fri, 15 Sep 2023 16:52:48 GMT
pub-2932230807573228
fundingchoicesmessages.google.com/i/ 		104 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-2932230807573228?ers=1
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2c79d7afce11aeae326c31014e7029e5234a98b5282c6fb8a83d3b5efaa3f250
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3sXV8e0n5jbt1kEDkkDpvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-3sXV8e0n5jbt1kEDkkDpvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
analytics.js
www.newsmax.com/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/js/analytics.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
aca9e5a67f06ff68ac7ced2031ef234afd2f20010451a904f25b8d4fcbfb04f8
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
etag
"01f232a537dd51:0"
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
869
x-ua-compatible
IE=edge
x-akamai-http2-push
1
last-modified
Tue, 20 Sep 2022 16:37:35 GMT
server
Akamai Resource Optimizer
date
Sun, 25 Sep 2022 16:52:48 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=171984
accept-ranges
bytes
44c57ca
www.newsmax.com/akam/13/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/akam/13/44c57ca
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
20a7d63f70f482fc54390f4ffa8187d77c4aab17ac34c37e6c103fc6a9478610

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 15:06:48 GMT
etag
"0eef25c71a378d4f5ee12c7afda272e751661725cec6312c66d434a5250078e8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
server-timing
cdn-cache; desc=HIT, edge; dur=101
content-length
8803
expires
Sun, 25 Sep 2022 16:52:49 GMT
WebResource.axd
www.newsmax.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/WebResource.axd?d=ajj-54hEFw_9s8vUhC7aqiqIMz0pNh5t4_SU2ofVsVwummsDI5FJiI5GycwOyKPz2gszbuHXhWsBOxBmW8C9TcQBcJ41&t=637823185705833095
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
gzip
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
6190
x-ua-compatible
IE=edge
last-modified
Tue, 08 Mar 2022 11:42:50 GMT
server
Microsoft-IIS/10.0
date
Sun, 25 Sep 2022 16:52:48 GMT
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=19796405
expires
Fri, 12 May 2023 19:52:53 GMT
ScriptResource.axd
www.newsmax.com/ 		100 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/ScriptResource.axd?d=loHavPNe5-_O6-V3CpmHjIdMuSiXtcpWnzKoZD-UT8JxRi8UwWlnQEWIm_xcEZefPXVTHWQVkrAwyQS5K6tYoAzkJ1emGBD02Q1-XF_Wkm8MAoqsOJaC48nXex3lIrasiamatjcOgjyDKLfqTq2xRqsscLw1&t=ffffffffaa493ab8
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
gzip
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
34415
x-ua-compatible
IE=edge
last-modified
Thu, 12 May 2022 19:52:53 GMT
server
Microsoft-IIS/10.0
date
Sun, 25 Sep 2022 16:52:48 GMT
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=19796405
expires
Fri, 12 May 2023 19:52:53 GMT
ScriptResource.axd
www.newsmax.com/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/ScriptResource.axd?d=ZdTB-9wgzkd9MabCDj2_sb4StvrEu3LYOwvQ0ovmO7RIA8MWwIA06RJTjeOr04VT2W6gvKbcIGnaVcB4YCVNs7UBEyicwrJOogQaVis9iLBEtOOhRy7hM4660Qd2GT-FSNcpu2pEX72vVsVfVTR3eSQV2jYblFlPZ-AzoBtrh_Obe_2_0&t=ffffffffaa493ab8
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
gzip
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
13475
x-ua-compatible
IE=edge
last-modified
Thu, 12 May 2022 19:52:53 GMT
server
Microsoft-IIS/10.0
date
Sun, 25 Sep 2022 16:52:48 GMT
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=19796405
expires
Fri, 12 May 2023 19:52:53 GMT
livevalidation_standalone.compressed.js
www.newsmax.com/CMSScripts/Newsmax/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/CMSScripts/Newsmax/livevalidation_standalone.compressed.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
2cb0b567a460d1ad8cda6eb7df264e6070ff50f9cc54548b81b07ab44671aa9e
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
etag
"0c5c027537dd51:0"
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
3082
x-ua-compatible
IE=edge
x-akamai-http2-push
1
last-modified
Mon, 19 Sep 2022 19:12:33 GMT
server
Akamai Resource Optimizer
date
Sun, 25 Sep 2022 16:52:48 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=94820
accept-ranges
bytes
ads.adblock.js
www.newsmax.com/js/ 		85 B
392 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/js/ads.adblock.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
bcac3bf87fa15538baecc11175568cd47945a0f3ea3c91d23daafe6423b56983
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
etag
"01f232a537dd51:0"
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
76
x-ua-compatible
IE=edge
x-akamai-http2-push
1
last-modified
Fri, 26 Aug 2022 08:35:35 GMT
server
Akamai Resource Optimizer
date
Sun, 25 Sep 2022 16:52:48 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=160369
accept-ranges
bytes
whitesearchicon.png
www.queryly.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.queryly.com/images/whitesearchicon.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6bc30e75c37bf18ef1ab4c691fa3cb3e8733f6c33bdd18d76e7c08c6d86040ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:48 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76794
x-powered-by
ASP.NET
content-length
2423
last-modified
Wed, 22 Apr 2020 02:43:06 GMT
server
cloudflare
etag
"d8c5c3c04f18d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6H5lDUwWeyfdGSCDy58lyycMv5PoKYbJw7pUUFNt8V9eN2eqZRL%2BwP1xJCbWl4Nlx7umQlph9lzSi3IOaEBbqioOycntPKzAK9dvm5zG4Bir8EfRrvA4RLVrRalnZV%2BCUDczSlqAdZsavDewBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
750545bdef449054-FRA
access-control-allow-headers
*
queryly.v4.js
www.queryly.com/js/ 		46 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.queryly.com/js/queryly.v4.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3db1711b708e98ad42b7764a019342259e8c5c8fd4d4602fadd8e28b69f0200a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76839
x-powered-by
ASP.NET
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
last-modified
Thu, 11 Aug 2022 16:00:33 GMT
server
cloudflare
etag
W/"80a6a27c9badd81:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmukRJiul1qCZm1Syl%2BR2eT%2F7M%2Byt%2FgcuwEZsDMJxTAra5A2VA3xaA2gLhz5gwzgUBA8zN%2FhjdhD%2FphtqqwtXj6YEJRbfU8zPMJFMzrgGPdmvdVuAclvHSoSByg2PKzmgBRCaOQeDb0ZvZFd%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
750545bdcf069054-FRA
access-control-allow-headers
*
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Sun, 25 Sep 2022 16:52:49 GMT
x-host
s7.addthis.com
content-length
116360
iframe-helper.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@latest/dist/module/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@latest/dist/module/iframe-helper.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c12140b4473f394cc528bb35f79e33d7c0fc900303ed5c207166516d6b60ece3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
255764
x-jsd-version
0.0.6-rc9
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7909
x-served-by
cache-fra19175-FRA, cache-itm18851-ITM
timing-allow-origin
*
access-control-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"59fb-ZwpK9WFGJwnsVrnqJgHi0uRqo4E"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxMz2UkStbcNiGERsjplHXjiG8Bfbkvvqv2dQgs37FaDvbuci06IX4ENG0kfHzOwr%2FRABea79Ee3PgCgngpDbIdkLD8k1ClVYety4qpmscu9zp%2BGFyP0OJ6Dpw3uQOrTjiY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 vegur
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
750545be792fbb53-FRA
expires
Sun, 02 Oct 2022 16:52:49 GMT
tooltipCloseButton.png
www.newsmax.com/App_Themes/NewsmaxNew/images/ 		291 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/tooltipCloseButton.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
792841a32ebf331ee6adcf3f7714ae9cca8cdf615fea08bee8f13d8a83dd8688

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Sun, 25 Sep 2022 16:52:49 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
"03e2d24537dd51:0"
x-serial
1769
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=53792
last-modified
Thu, 20 Jan 2022 15:39:27 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
291
expires
Mon, 26 Sep 2022 07:49:21 GMT
GetFile.aspx
www.newsmax.com/CMSPages/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsmax.com/CMSPages/GetFile.aspx?guid=d1ebe0e1-6ca9-4968-b08b-45858b4ebeb1&maxsidesize=120&SiteName=Newsmax
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9ea455069ac1cb7e328fbf59cbd34b45362e161e8747f13c01a416c4c25f2ad5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
last-modified
Sat, 24 Sep 2022 09:58:54 GMT
server
Akamai Image Manager
etag
"en-us|d1ebe0e1-6ca9-4968-b08b-45858b4ebeb1|9/18/2022 12:56:35 AM|LiveSite"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
private, no-transform, max-age=43200
server-timing
cdn-cache; desc=HIT, edge; dur=580
content-length
5010
expires
Mon, 26 Sep 2022 04:52:49 GMT
css2
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c44af787f51e875d3ecc44f5bb1989fce5aeeaa1a48cc0851aec4344b5e6d73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 25 Sep 2022 16:10:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 25 Sep 2022 16:52:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Sep 2022 16:52:49 GMT
nm-logo-sq.gif
www.newsmax.com/App_Themes/Newsmax/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsmax.com/App_Themes/Newsmax/images/nm-logo-sq.gif
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e7ddb6a0e855c5e9ec7b21b5bddab044922ba7d768781a19466fd09eaf2547dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
last-modified
Wed, 11 May 2022 17:56:11 GMT
server
Akamai Image Manager
etag
"d865ca24a160d81:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=210263
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1077
expires
Wed, 28 Sep 2022 03:17:12 GMT
oauthclient.js
www.newsmax.com/js/sso/ 		3 KB
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/js/sso/oauthclient.js?v=1.5
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
3b57856220502463404208797101b5694691dd36e30354f5ff57bc144fd611d9
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
etag
"44ed282630abd81:0"
last-modified
Thu, 15 Sep 2022 01:35:20 GMT
server
Akamai Resource Optimizer
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=230037
date
Sun, 25 Sep 2022 16:52:48 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
689
x-ua-compatible
IE=edge
bundle.js
soapps.net/live/loader/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/loader/bundle.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.141.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-141-237.compute-1.amazonaws.com
Software
/
Resource Hash
3988f57751937ac8f5ceb338d62672d4f6ae1b8dfdbb969c651adf3184ef830d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 23 Aug 2022 11:25:56 GMT
ETag
W/"6304b944-50f3"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/javascript
Cache-Control
public, max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
jQuery.signup.js
www.newsmax.com/CMSScripts/Newsmax/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/CMSScripts/Newsmax/jQuery.signup.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
fedbb98e0dadd4964896ee19251fbab829fcfb84fd7710ee7a56d5e87a7ac914
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
etag
"961fd2d61083d71:0"
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
4037
x-ua-compatible
IE=edge
x-akamai-http2-push
1
last-modified
Thu, 08 Sep 2022 18:17:57 GMT
server
Akamai Resource Optimizer
date
Sun, 25 Sep 2022 16:52:48 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=229778
accept-ranges
bytes
SMS-Banner-300x600-v2.jpg
www.newsmax.com/App_Themes/NewsmaxNew/images/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/SMS-Banner-300x600-v2.jpg
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
90fb6f285e623bb5acd728f0422f99bc79c9f405374034703045cbd837c3349c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
"01cebc8451d81:0"
x-serial
564
content-type
image/jpeg
access-control-allow-origin
*
cache-control
private, no-transform, max-age=171382
last-modified
Sat, 13 Aug 2022 20:57:35 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
43487
expires
Tue, 27 Sep 2022 16:29:11 GMT
jQuery.articleDFP.js
www.newsmax.com/CMSScripts/Newsmax/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/CMSScripts/Newsmax/jQuery.articleDFP.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
32c7487cc816da6071ed8bbf4e16a231480f3e00b627e298b1324f8a440b9908
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
etag
"56787cbb8663d71:0"
last-modified
Tue, 20 Sep 2022 22:05:03 GMT
server
Akamai Resource Optimizer
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=191563
date
Sun, 25 Sep 2022 16:52:48 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
2160
x-ua-compatible
IE=edge
jQuery.articleEcomms.js
www.newsmax.com/CMSScripts/Newsmax/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/CMSScripts/Newsmax/jQuery.articleEcomms.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
9ce5e5b6c6ceb76402d5d13a15ff17223de24c484c2f2efe7cdbee4ac0eab96e
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
etag
"c44ad0e6fb91d81:0"
last-modified
Thu, 22 Sep 2022 12:30:41 GMT
server
Akamai Resource Optimizer
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=329975
date
Sun, 25 Sep 2022 16:52:48 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
1001
x-ua-compatible
IE=edge
jQuery.article.js
www.newsmax.com/CMSScripts/Newsmax/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/CMSScripts/Newsmax/jQuery.article.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
b96868ee0f8c549224fc5b618409007b1cb3a9d1c6632a44cbb85eb809e0ff69
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
etag
"656f045d2f1d71:0"
last-modified
Fri, 16 Sep 2022 15:37:50 GMT
server
Akamai Resource Optimizer
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=367002
date
Sun, 25 Sep 2022 16:52:48 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
3979
x-ua-compatible
IE=edge
jquery.zclip.js
www.newsmax.com/CMSScripts/Newsmax/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/CMSScripts/Newsmax/jquery.zclip.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
c25a41beadb5afc68a4c4b2b1e94143ae0b6db7d3745640f4d55a62c2851e133
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
etag
"0c5c027537dd51:0"
last-modified
Fri, 26 Aug 2022 11:34:50 GMT
server
Akamai Resource Optimizer
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=171033
date
Sun, 25 Sep 2022 16:52:48 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
3656
x-ua-compatible
IE=edge
ios.png
www.newsmax.com/App_Themes/NewsmaxNew/images/qrcode/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/qrcode/ios.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
500b1cb2d9aed655f5bc0eb0313a6ebf75d3613e94b2234a60f532eea7e51590

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Sun, 25 Sep 2022 16:52:49 GMT
last-modified
Thu, 20 Jan 2022 15:39:31 GMT
server
Akamai Image Manager
etag
"db4515d7abf6d71:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=474163
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1389
expires
Sat, 01 Oct 2022 04:35:32 GMT
play.png
www.newsmax.com/App_Themes/NewsmaxNew/images/qrcode/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/qrcode/play.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
6ad0665b8b1e41b73f4232e0c7940822116c2038cd2550897549d7f8a2bff668

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Sun, 25 Sep 2022 16:52:49 GMT
last-modified
Thu, 20 Jan 2022 15:39:23 GMT
server
Akamai Image Manager
etag
"e27585d6abf6d71:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=53005
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1749
expires
Mon, 26 Sep 2022 07:36:14 GMT
newsmaxqr-80.png
www.newsmax.com/App_Themes/NewsmaxNew/images/qrcode/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/qrcode/newsmaxqr-80.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
548ff995b93f8f32334747b861c74a4dc11d6624456679485d6d4a6930d39b67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
last-modified
Thu, 04 Aug 2022 18:27:43 GMT
server
Akamai Image Manager
etag
"39c4c7e5aaf6d71:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=484981
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
3242
expires
Sat, 01 Oct 2022 07:35:50 GMT
jquery.zrssfeed.min.js
www.newsmax.com/CMSscripts/newsmax/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/CMSscripts/newsmax/jquery.zrssfeed.min.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
b2e91321d1b560fe1ec1aba1374e92c5dd4c33b2abc0cdc6079b5b74894acd56
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
br
etag
"0c5c027537dd51:0"
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1065
x-ua-compatible
IE=edge
x-akamai-http2-push
1
last-modified
Wed, 21 Sep 2022 21:34:44 GMT
server
Akamai Resource Optimizer
date
Sun, 25 Sep 2022 16:52:48 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=276174
accept-ranges
bytes
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
568
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Methods
GET
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
29220
x-amzn-internal-status
304
Last-Modified
Wed, 31 Aug 2022 20:41:50 GMT
Server
ECS (frb/668D)
Etag
"f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
Access-Control-Max-Age
3000
x-tw-cdn
VZ
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
RRNR9-85ANW-4QF6A-ZJTU2-LGRHY
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/RRNR9-85ANW-4QF6A-ZJTU2-LGRHY
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:388::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
br
last-modified
Wed, 24 Aug 2022 14:37:17 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
gtm.js
www.googletagmanager.com/ 		279 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WL644C
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
338390ac7aee8a2420466a23996b69fc156c9ae7fac1b1853eb07b9b8b6d7614
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85740
x-xss-protection
0
last-modified
Sun, 25 Sep 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 25 Sep 2022 16:52:49 GMT
spriteVertBkg.gif
www.newsmax.com/App_Themes/NewsmaxNew/images/ 		159 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/spriteVertBkg.gif
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5f79d06810cf448519b18ccab3fdcc94a27457d67457c0ab90fc00708ef85245

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/css/newsmax.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Sun, 25 Sep 2022 16:52:49 GMT
last-modified
Thu, 20 Jan 2022 15:39:21 GMT
server
Akamai Image Manager
etag
"03e2d24537dd51:0"
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=91510
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
159
expires
Mon, 26 Sep 2022 18:17:59 GMT
appicon.png
www.newsmax.com/App_Themes/News-max-mobile/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsmax.com/App_Themes/News-max-mobile/appicon.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
6c4d51c996c96d360f456c632a2a8152c3f6ad80db759dbb23c11d41fcb93a07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Sun, 25 Sep 2022 16:52:49 GMT
last-modified
Thu, 20 Jan 2022 15:39:27 GMT
server
Akamai Image Manager
etag
"eeaf9113fbd7d71:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=468428
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1422
expires
Sat, 01 Oct 2022 02:59:57 GMT
nmSpriteMaster.png
www.newsmax.com/App_Themes/NewsmaxNew/images/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/nmSpriteMaster.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1963f6ba3fb5c0fe5ea91c5156292beb8dfddee3e14bb995185f5b440dd9f0af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/css/newsmax.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
last-modified
Mon, 25 Apr 2022 18:26:02 GMT
server
Akamai Image Manager
etag
"2f20ca3fd158d81:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=490219
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
55073
expires
Sat, 01 Oct 2022 09:03:08 GMT
newsmax_logo_new.png
www.newsmax.com/App_Themes/NewsmaxNew/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/newsmax_logo_new.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5ece4398c41c452d1fb318c62936d1d73fffc2f6dfdf10ed988ac67113dee701

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/css/newsmax.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Sun, 25 Sep 2022 16:52:49 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
"99dea9698c8d81:0"
x-serial
1501
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=468752
last-modified
Thu, 20 Jan 2022 15:39:29 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
3407
expires
Sat, 01 Oct 2022 03:05:21 GMT
spriteHorBkg.gif
www.newsmax.com/App_Themes/NewsmaxNew/images/ 		98 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/spriteHorBkg.gif
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
0170004a718387fce95146859083c72db0df41425ec06c63d9e63e28d667102a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/css/newsmax.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Sun, 25 Sep 2022 16:52:49 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
"03e2d24537dd51:0"
x-serial
668
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=77649
last-modified
Thu, 20 Jan 2022 15:39:27 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
98
expires
Mon, 26 Sep 2022 14:26:58 GMT
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/9248945/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:29:17 GMT
content-encoding
gzip
etag
W/"5b0f9f0704a703b8da651007721fac57"
last-modified
Thu, 04 Mar 2021 13:31:34 GMT
server
AmazonS3
age
1413
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
V8jKXnp5jfBAHp58l0TLYbAQPGhDjwZtJnvxoihEpeucSvnhf0Dc2g==

Redirect headers

location
/internal-cs/default/beacon.js
date
Sun, 25 Sep 2022 16:52:49 GMT
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
0
x-amz-cf-id
cMPICrq0hWVDdvc31SDKrIfiuleJ27aWloQZlxoXQCGFP1XSGIr4bw==
x-cache
Miss from cloudfront
whitecloseicon.png
www.queryly.com/images/ 		816 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.queryly.com/images/whitecloseicon.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:48 GMT
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76838
x-powered-by
ASP.NET
content-length
816
last-modified
Thu, 11 Jun 2020 23:20:57 GMT
server
cloudflare
etag
"d7046f64640d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PojMmUHeeQv%2Fk0RgNy0doQPd9XYrbKQQZ0wHmB5aLD%2BuKFOFh7pkWycbk7qSfUmjVIMzHa%2B9FA9%2F%2BPNfxb%2Ftq3i88TSFCuSqxQ8qgWFO5szJYPjGejAlcPrcYmyuIULviMIxDOuKUmi%2BV%2FLN7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
750545be2fd09054-FRA
access-control-allow-headers
*
ZE6BULZwwRw
www.youtube.com/embed/ Frame 8318 		65 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/ZE6BULZwwRw
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0bc132d8f8081cd306b286f39d079ec760ec04ba766f59ccd8d019bb13fba698
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Sun, 25 Sep 2022 16:52:49 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
Bodoni_SvtyTwo_ITC-TT-Bold.ttf
www.newsmax.com/App_Themes/NewsmaxNew/fonts/ 		82 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/fonts/Bodoni_SvtyTwo_ITC-TT-Bold.ttf
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5fb513268e641e680e8f2c0848af922f84c20368d1838b90655571cef9975b6f
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.newsmax.com/css/newsmax.min.css
Origin
https://www.newsmax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
last-modified
Sun, 26 Apr 2020 16:56:42 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"081f6a8eb1bd61:0"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
date
Sun, 25 Sep 2022 16:52:49 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
83472
x-ua-compatible
IE=edge
ITC_Franklin-Light.ttf
www.newsmax.com/App_Themes/NewsmaxNew/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/fonts/ITC_Franklin-Light.ttf
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a7e82da5ca4dbba958cd0b570a8b59ff123968e41bc6abdbe7ddf9dc97f3f7d5
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.newsmax.com/css/newsmax.min.css
Origin
https://www.newsmax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
last-modified
Sun, 26 Apr 2020 21:21:22 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0352ea2101cd61:0"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
date
Sun, 25 Sep 2022 16:52:49 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
19244
x-ua-compatible
IE=edge
ITC_Franklin-Bold.ttf
www.newsmax.com/App_Themes/NewsmaxNew/fonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/fonts/ITC_Franklin-Bold.ttf
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
aa0f38af9e138a9b67cf922ac3e99f6fbd1c85202d18f601f880aff3d3820df8
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.newsmax.com/css/newsmax.min.css
Origin
https://www.newsmax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
last-modified
Sun, 26 Apr 2020 21:21:16 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0ae9a9e101cd61:0"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
date
Sun, 25 Sep 2022 16:52:49 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
27968
x-ua-compatible
IE=edge
AGSKWxWSfiR1c4IUGOykTNjDhD4CEBhZQONT11Oa-HHdnW2rL6UfA5SzqtPAFPOi12LTgeiwSAnFMFn3X8Nc10bUBUg=
fundingchoicesmessages.google.com/f/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWSfiR1c4IUGOykTNjDhD4CEBhZQONT11Oa-HHdnW2rL6UfA5SzqtPAFPOi12LTgeiwSAnFMFn3X8Nc10bUBUg=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY0MTI0NzY5LDEzMDAwMDAwMF0sIjBBQzZDRUMxLUZCNkEtNEVCQi04MDZCLTgyNkM3NTg4MzdFMiIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly93d3cubmV3c21heC5jb20vdXMvZG9uYWxkLXRydW1wLXJhbGx5LW1hZ2EvMjAyMi8wOS8xNy9pZC8xMDg3OTY1LyIsbnVsbCxbWzgsIkhlTEtzN09TVm5RIl0sWzksImRlIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HeLKs7OSVnQ.es5.O/d=1/rs=AJlcJMwBLk6619v5WoRCnR3zCq7ycanAFg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
795c2a780c7e9955913c82355bec4c8e336a7514df8d658eaf87b240501dd5f1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-iBn4QQCNUb8eEEu-yWWa2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-iBn4QQCNUb8eEEu-yWWa2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
expires
Mon, 01 Jan 1990 00:00:00 GMT
www-player.css
www.youtube.com/s/player/abfb84fe/ Frame 8318 		358 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/abfb84fe/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ZE6BULZwwRw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ef6d6383702bc06b134e946c269ece57f40b540882483d804cea173a235831c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ZE6BULZwwRw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 14:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
266671
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49730
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 00:22:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 22 Sep 2023 14:48:18 GMT
www-embed-player.js
www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/ Frame 8318 		309 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ZE6BULZwwRw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41ab731b25c3f7e4f6cc350774a28353c667e79774622a915f8b16b7897ecc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ZE6BULZwwRw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 14:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
266671
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97978
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 00:22:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 22 Sep 2023 14:48:18 GMT
base.js
www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/ Frame 8318 		2 MB
579 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ZE6BULZwwRw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd1e395622ba3b297d6f5b522f13c7ce1682dd5ae900513cb9abb2bebf5f2cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ZE6BULZwwRw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 14:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
266671
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
592503
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 00:22:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 22 Sep 2023 14:48:18 GMT
fetch-polyfill.js
www.youtube.com/s/player/abfb84fe/fetch-polyfill.vflset/ Frame 8318 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/abfb84fe/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ZE6BULZwwRw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ZE6BULZwwRw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 14:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
266671
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 00:22:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 22 Sep 2023 14:48:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8318 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ZE6BULZwwRw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 11:18:05 GMT
x-content-type-options
nosniff
age
452084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 20 Sep 2023 11:18:05 GMT
b
sb.scorecardresearch.com/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=9248945&cs_it=b2&cv=3.8.0.210223&ns__t=1664124769153&ns_c=UTF-8&c7=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&c8=Trump%3A%20%27Thugs%2C%20Tyrants%27%20Awakened%20a%20%27Sleeping%20Giant%27%20%7C%20Newsmax.com&c9=
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
ojFaDIQmgzpvJoIKnxoRW3pk7QRIzV6L5fJrsaeQHw5SIsKPOc8_mA==
x-cache
Miss from cloudfront
pubads_impl_2022092201.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 10:54:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
280698
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131358
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 08:36:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Sep 2023 10:54:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		193 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.newsmax.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
248ed2a5398bab8ebc5cc6e24fa1478c6d45926ac9562881bebbc5a6d1650d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121
x-xss-protection
0
expires
Sun, 25 Sep 2022 16:52:49 GMT
config.json
c.go-mpulse.net/api/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=RRNR9-85ANW-4QF6A-ZJTU2-LGRHY&d=www.newsmax.com&t=5547083&v=1.720.0&sl=0&si=9e0a6e18-2940-433c-992c-ee397b80353d-riryw0&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=390844
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/RRNR9-85ANW-4QF6A-ZJTU2-LGRHY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:59a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6a5b11adf253955f0049d330b639f0598cadaec115854b6dfc4eb246dd8c8f92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1441
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
1517
date
Sun, 25 Sep 2022 16:27:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Sun, 25 Sep 2022 18:27:32 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15697
x-xss-protection
0
server
cafe
etag
1764007376392519731
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 16:52:49 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
gzip
etag
"eN3sxSgaav0x5wHLxGB1gQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 02 Oct 2022 16:52:49 GMT
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26840
x-xss-protection
0
pragma
public
x-fb-debug
nae2EfmQFD8bvPNxzG8k9Eqvi5z+qqMVhjWAvkIJB169CZgCbGwymf4HtM/bK+Y5xuiK1PUhTl0CdAtCxfb9Qg==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 25 Sep 2022 16:52:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
a-026z.min.js
b-code.liadm.com/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-026z.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
322efa9e492ebacc0990d1417a92af7eb0eb5bce6893dbd49afeb0cd9756f654

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 02:13:09 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
age
52780
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P2
content-encoding
gzip
x-amz-cf-id
ysnrpZp2XZB_7FnMNWNj1ze_QaAPDHAHC7h32wCaDTf5joVDu6yiwg==
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL644C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
750545c00ed59bb8-FRA
date
Sun, 25 Sep 2022 16:52:49 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
1867
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 28 Sep 2022 16:52:49 GMT
hb_319293_10071.js
player.adtcdn.com/prebidlink/462256/ 		377 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a694dfbdef7cf57647736e00e5fa86338f3c644a66adb0fc20a2484af9646612

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Aug 2022 20:09:34 GMT
server
cloudflare
age
34
etag
W/"62fe9c7e-5e2f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fq4%2FoynQ8bsZ%2BDNE3GFiB16eaPfvE4WoyQyWjEc4KMGXBPL7XO58V%2BTSdoZHjkhzxBwNSQhAhjHnmq3%2F9cHRsXEq05FjWJgrTgI5Plw3%2FT5%2BN84DKvz%2FkntOhecOKSgncPnbLR0xfwVMwrbWuxkjoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
750545c00dfc91e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 25 Sep 2022 17:07:15 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff0cd27464af92ef4955485402b156bb4233559c2ec249d3f2e1672bd74d570c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27832
x-xss-protection
0
server
sffe
etag
"1344 / 824 of 1000 / last-modified: 1663970834"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 25 Sep 2022 16:52:49 GMT
wrapper_hb_319293_10071.js
player.adtcdn.com/prebidlink/462256/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/462256/wrapper_hb_319293_10071.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6f7ad41fd49182c64a8e99d2567ae6f550852bcd1afa1a85ec7c60d645909ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 24 Sep 2022 04:25:19 GMT
server
cloudflare
age
34
etag
W/"632e86af-6e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuzvqRoIpe88s2LfCPfBn9HArtX6AYG3%2B2W2oulSl6JVwyYpOxC0eJ8s%2BBkQ4q2IrLv3XGOQQLtJFIwQPJyhual7AsIdXh2DR8ki07rNtWjKK%2FX2%2BlxaS0hNXAXAS5iG6prEa6iH9Q8hGp3HH39SRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
750545c01e1a91e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 25 Sep 2022 17:07:15 GMT
rules-p-St___PnJ1vDs5.js
rules.quantcount.com/ 		209 B
682 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-St___PnJ1vDs5.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30235be1a8cb2c0b43d75136c68490e0cb2c16c5c43c6d2b0e755bf97145c4d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:05:26 GMT
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
age
2994
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Sat, 27 Aug 2022 16:05:30 GMT
server
AmazonS3
etag
"9057db354e73da64ab9bdf855454a44e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
7Iv6pgzFuCabSCq1ZnQYrAK_55xkGS_nBjdwuBGH5am4ON0cbVus1g==
2353704501325948
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2353704501325948?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
03d8d375110f1a0305d787365607af49c29229381a092d932a2d63661d2de837
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
TfAzXGmnZfDwP9OrwI6aa0up0E4QdE2nJhThRzAttHWXsVr52IBJN7JIsw2IJSuYQUn4W5toiozV91RYpdI4Ww==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 25 Sep 2022 16:52:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 8318
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ZE6BULZwwRw
Protocol
H3
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3eb72c22ba0124e76182f180a32d33f38a27128da47a0670f7a1dfdf5c4fb327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 25 Sep 2022 16:52:49 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 8318 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:48:10 GMT
x-content-type-options
nosniff
age
279
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Sep 2022 17:03:10 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 25 Sep 2022 16:52:49 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8318 		66 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
911a0d45a79db6dfb420d88c00c9d880a43706bb0e9130770ddc05b8e78c4eb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
31077
x-xss-protection
0
remote.js
www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/ Frame 8318 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
518a60fee17316c05108a084582854df899339bb298832856af1f7f2737fb768
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ZE6BULZwwRw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 14:48:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
266648
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37170
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 00:22:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 22 Sep 2023 14:48:41 GMT
SsNTfMY_GtK2MUcgN-Id-kGsmj-5H1Z7oxK7ex71V1k.js
www.google.com/js/th/ Frame 8318 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/SsNTfMY_GtK2MUcgN-Id-kGsmj-5H1Z7oxK7ex71V1k.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ac3537cc63f1ad2b631472037e21dfa41ac9a3fb91f567ba312bb7b1ef55759
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 16:50:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
86527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14354
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 11:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Sep 2023 16:50:42 GMT
embed.js
www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/ Frame 8318 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5739c73aae8dcd2db9eeb6bcb168da14cdf299a4e9bda32165ff45ac27e931c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ZE6BULZwwRw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 14:48:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
266669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8110
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 00:22:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 22 Sep 2023 14:48:20 GMT
truncated
/ Frame 8318 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
fXgXYq-vfZapJMvkRQ2k6L1vj4Zd2J97zKXlsc6G95LdIyfH3PI8o-QPreIbPOkEE0B63i1vNdU=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 8318 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/fXgXYq-vfZapJMvkRQ2k6L1vj4Zd2J97zKXlsc6G95LdIyfH3PI8o-QPreIbPOkEE0B63i1vNdU=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ZE6BULZwwRw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b14e4c1038e23928a51053c536317284c3e7a422b189ebb9f20f0ca07e8eb7d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 14:49:51 GMT
x-content-type-options
nosniff
age
7378
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3032
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Aug 2022 16:13:27 GMT
maxresdefault.jpg
i.ytimg.com/vi/ZE6BULZwwRw/ Frame 8318 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/ZE6BULZwwRw/maxresdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ZE6BULZwwRw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46e9d1aeae4d179df6713026d79079064638720bfbf53a6e766f89d90bb0fb28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86489
x-xss-protection
0
server
sffe
etag
"1663459951"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 25 Sep 2022 18:52:49 GMT
hbw_master_319293_10071.js
player.adtelligent.com/prebidlink/x462256/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/x462256/hbw_master_319293_10071.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/wrapper_hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b65cb054005d10d68216cfe916090cd3f00f22ade446f60393a30bd9149534de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
gzip
last-modified
Sat, 24 Sep 2022 04:25:19 GMT
server
nginx
etag
W/"632e86af-18bda"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 27 Sep 2022 16:52:49 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-31221-1&cid=1883331922.1664124769&jid=987420814&gjid=1137945759&_gid=1161030251.1664124769&_u=YGBAgAABAAAAAE~&z=1588851535
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 25 Sep 2022 16:52:49 GMT
content-type
text/plain
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=915411207&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&ul=en-us&de=UTF-8&dt=Trump%3A%20%27Thugs%2C%20Tyrants%27%20Awakened%20a%20%27Sleeping%20Giant%27%20%7C%20Newsmax.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=987420814&gjid=1137945759&cid=1883331922.1664124769&tid=UA-31221-1&_gid=1161030251.1664124769&gtm=2wg9l0WL644C&z=1760274014
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 20:07:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74722
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
pxl.qccerttest.com/ 		35 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=1055128067;fpan=1;fpa=P0-1659173303-1664124769511;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=newsmax.com;dst=0;et=1664124769511;tzo=0;url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F;ogl=description.The%20%22thugs%20and%20tyrants%22%20attacking%20the%20MAGA%20movement%20have%20awakened%20a%20%22sleeping%20gi%2Cpage_id.85452072376%2Csite_name.Newsmax%2Cimage%3Aheight.500%2Cimage%3Awidth.600%2Cimage%3Atype.image%2Fjpeg%2Cimage.https%3A%2F%2Fwww%252Enewsmax%252Ecom%2FCMSPages%2FGetFile%252Easpx%3Fguid%3Dd1ebe0e1-6ca9-4968-b08b-45858%2Curl.https%3A%2F%2Fwww%252Enewsmax%252Ecom%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F%2Ctype.article%2Ctitle.Trump%3A%20%27Thugs%252C%20Tyrants%27%20Awakened%20a%20%27Sleeping%20Giant%27
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:cc00:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 01:48:50 GMT
via
1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
54240
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
kWJVpg5C1j4W5s3IZaje29RKRm7UCvn9pBIvb7TNhbq_hwSJdBRgUw==
pixel;r=1922878556;source=gtm;rf=0;a=p-St___PnJ1vDs5;url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F;uht=2;fpan=0;fpa=P0-1659173303-1664124769511...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1922878556;source=gtm;rf=0;a=p-St___PnJ1vDs5;url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F;uht=2;fpan=0;fpa=P0-1659173303-1664124769511;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=newsmax.com;dst=0;et=1664124769513;tzo=0;ogl=description.The%20%22thugs%20and%20tyrants%22%20attacking%20the%20MAGA%20movement%20have%20awakened%20a%20%22sleeping%20gi%2Cpage_id.85452072376%2Csite_name.Newsmax%2Cimage%3Aheight.500%2Cimage%3Awidth.600%2Cimage%3Atype.image%2Fjpeg%2Cimage.https%3A%2F%2Fwww%252Enewsmax%252Ecom%2FCMSPages%2FGetFile%252Easpx%3Fguid%3Dd1ebe0e1-6ca9-4968-b08b-45858%2Curl.https%3A%2F%2Fwww%252Enewsmax%252Ecom%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F%2Ctype.article%2Ctitle.Trump%3A%20'Thugs%252C%20Tyrants'%20Awakened%20a%20'Sleeping%20Giant';ses=961e7755-1290-4e30-b08e-9a9885a618b4
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31571
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/971560661/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/971560661/?random=1664124769548&cv=9&fst=1664124769548&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&tiba=Trump%3A%20%27Thugs%2C%20Tyrants%27%20Awakened%20a%20%27Sleeping%20Giant%27%20%7C%20Newsmax.com&auid=1916367495.1664124769&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d82fea90c3639220ab27bc1d7af09cf28d8c415f5c79243ac12cbe267ecfc2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1089
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
TVScheduleHandler.ashx
www.newsmax.com/CMSPages/NewsMax/Handlers/ 		74 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/CMSPages/NewsMax/Handlers/TVScheduleHandler.ashx
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/js/jquery-3.2.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0f8f6059a89bef196156d9e5eba3bf4b6e11b7d15b6653e2c8e126d970937a79
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
gzip
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=HIT, edge; dur=28
content-length
14334
x-ua-compatible
IE=edge
last-modified
Sun, 25 Sep 2022 16:48:41 GMT
server
Microsoft-IIS/10.0
date
Sun, 25 Sep 2022 16:52:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=52
expires
Sun, 25 Sep 2022 16:53:41 GMT
player.esi
amp.akamaized.net/hosted/1.1/ 		277 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.9&_=1664124768915
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/js/jquery-3.2.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:dc::6853:538 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bb34df5214a8b9cd7d9bfc120252b6fdb17b03a094692822637de21145cf3df5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:50 GMT
Content-Encoding
gzip
PROTO
https
Server
AkamaiNetStorage
ETag
"22c8e983ad99cc0570d21c8e586cb8e9:1597899815"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
full.gif
www.newsmax.com/App_Themes/NewsmaxNew/images/ 		97 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/full.gif
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4d587885f84d5f0b3287ee5a85401c1fd06b7a79bb62fbec528ce26585f85852

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Sun, 25 Sep 2022 16:52:49 GMT
last-modified
Thu, 20 Jan 2022 15:39:30 GMT
server
Akamai Image Manager
etag
"e346b7983afed61:0"
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=97470
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
97
expires
Mon, 26 Sep 2022 19:57:19 GMT
sync-container.js
b-code.liadm.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-026z.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 04 Sep 2022 17:05:41 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified
Tue, 10 May 2022 11:48:07 GMT
server
AmazonS3
age
1813629
etag
"ae5e94de938b0387eda6df8f20da811a"
x-cache
Hit from cloudfront
x-amz-version-id
WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-type
application/javascript
content-length
5904
x-amz-cf-id
DXvLXqO0uUGxDocDeIzKfhw2BIkWsMAQUrJODVlWHxaO0Oi-zSojjg==
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
750545c228825c4a-FRA
date
Sun, 25 Sep 2022 16:52:49 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
1867
etag
W/"2f96824aee4bf927e734cc519e3e726d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 28 Sep 2022 16:52:49 GMT
iconCommenting.gif
www.newsmax.com/App_Themes/Newsmax/images/ 		696 B
980 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsmax.com/App_Themes/Newsmax/images/iconCommenting.gif
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
a5d0212b57cd91453464ddb13dd3ce87ced642a8c2e68a5c62e5273dc79aad4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/css/newsmax.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Sun, 25 Sep 2022 16:52:49 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
"011fc22537dd51:0"
x-serial
1712
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=102320
last-modified
Thu, 20 Jan 2022 15:44:28 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
696
expires
Mon, 26 Sep 2022 21:18:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsmax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 08:01:51 GMT
x-content-type-options
nosniff
age
291058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 08:01:51 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsmax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 05:29:41 GMT
x-content-type-options
nosniff
age
40988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Sep 2023 05:29:41 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-31221-1&cid=1883331922.1664124769&jid=987420814&_u=YGBAgAABAAAAAE~&z=294701594
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-31221-1&cid=1883331922.1664124769&jid=987420814&_u=YGBAgAABAAAAAE~&z=294701594
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b1b96725-5da4-44ec-8c57-0a9000ebf916.js
product.instiengage.com/product-loader-code/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/product-loader-code/b1b96725-5da4-44ec-8c57-0a9000ebf916.js
Requested by
Host: soapps.net
URL: https://soapps.net/live/loader/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:9c00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57d991857048a5599b4855dc7d67079cc556e2ebfef75189b89d6e5fc82a40a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
Q32v3iPY.h6IECNY2.0fEkfTVv4upuZS
content-encoding
br
last-modified
Tue, 23 Aug 2022 12:15:15 GMT
server
AmazonS3
age
284
etag
W/"24de0b98d2053a6d043dd56310a28c1a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
date
Sun, 25 Sep 2022 16:48:23 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
SoIV3aOz2vW2Ay-r_l7_D2AXyU262dz3KNVwRRcUuR9Kv2pj5x95Qw==
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 8318 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 25 Sep 2022 16:52:49 GMT
Newsmax_Jokes_button.png
www.newsmax.com/App_Themes/NewsmaxNew/images/ 		981 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/Newsmax_Jokes_button.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
24561fe775c2aa05376c741a39d56f0de51734139f34cd6dd9c8b302f3b46d19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/css/newsmax.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Sun, 25 Sep 2022 16:52:49 GMT
last-modified
Thu, 20 Jan 2022 15:39:28 GMT
server
Akamai Image Manager
etag
"011fc22537dd51:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=474869
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
981
expires
Sat, 01 Oct 2022 04:47:18 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.newsmax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1468751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IKh1E9RmM2hK7lUXs%2F5fatprVwwJkdbBZ%2FF7NX2DDft2Kfihb0tIcjcTByPgD4z%2F7r%2FgBjgizx8wJU33Mtv%2F%2BiRGby%2B46%2Fr692%2Bm%2FYfHM5ZCon8QrS%2Bbvdypo1Akrsz28GDS2BWm5HUMH2c3RPR0M08H"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
750545c30a8690a9-FRA
expires
Fri, 15 Sep 2023 16:52:49 GMT
bootloader.js
static.newsmaxfeednetwork.com/web-clients/bootloaders/ZlB6kIzR8vJVn32BbZzMWv/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.newsmaxfeednetwork.com/web-clients/bootloaders/ZlB6kIzR8vJVn32BbZzMWv/bootloader.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/js/jquery-3.2.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.182.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-182-6.compute-1.amazonaws.com
Software
openresty / Express
Resource Hash
34d7ecd8274df6ec57884dfcdfcd0ae24aed20ec59f0624de787d125b2a8c4be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:50 GMT
Content-Encoding
gzip
etag
W/"58e-sRnlU59AAGrqWIxcPxP6F5dxtYk"
Server
openresty
x-powered-by
Express
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
cache-control
public, max-age=300
x-envoy-upstream-service-time
2
Connection
keep-alive
generate_204
www.youtube.com/ Frame 8318 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?hv38QQ
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ZE6BULZwwRw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1664124769790&aid=a-026z&se=e30&duid=cd49d5059397--01gdts1n9nbjeccsjg33v44bv0&tna=v2.4.2&pu=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F...
  • https://rp4.liadm.com/j?dtstmp=1664124769790&aid=a-026z&se=e30&duid=cd49d5059397--01gdts1n9nbjeccsjg33v44bv0&tna=v2.4.2&pu=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2...
13 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1664124769790&aid=a-026z&se=e30&duid=cd49d5059397--01gdts1n9nbjeccsjg33v44bv0&tna=v2.4.2&pu=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&wpn=lc-bundle&c=PHRpdGxlPgoJVHJ1bXA6ICdUaHVncywgVHlyYW50cycgQXdha2VuZWQgYSAnU2xlZXBpbmcgR2lhbnQnIHwgTmV3c21heC5jb20KPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVGhlICB0aHVncyBhbmQgdHlyYW50cyAgYXR0YWNraW5nIHRoZSBNQUdBIG1vdmVtZW50IGhhdmUgYXdha2VuZWQgYSAgc2xlZXBpbmcgZ2lhbnQsICBmb3JtZXIgUHJlc2lkZW50IERvbmFsZCBUcnVtcCBzYWlkIGR1cmluZyBoaXMgU2F2ZSBBbWVyaWNhIHJhbGx5IGluIFlvdW5nc3Rvd24sIE9oaW8sIG9uIFNhdHVyZGF5IG5pZ2h0LiI-&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEx&n3pc=true
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Server
35.168.71.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-71-120.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
x-pixel-event-id
9fa4b294-c553-4827-8e1d-a42d21a1d84d
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
null
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
ab009ed3111e5711
request-time
0
content-length
13
x-content-type-options
nosniff

Redirect headers

date
Sun, 25 Sep 2022 16:52:50 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
location
https://rp4.liadm.com/j?dtstmp=1664124769790&aid=a-026z&se=e30&duid=cd49d5059397--01gdts1n9nbjeccsjg33v44bv0&tna=v2.4.2&pu=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&wpn=lc-bundle&c=PHRpdGxlPgoJVHJ1bXA6ICdUaHVncywgVHlyYW50cycgQXdha2VuZWQgYSAnU2xlZXBpbmcgR2lhbnQnIHwgTmV3c21heC5jb20KPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVGhlICB0aHVncyBhbmQgdHlyYW50cyAgYXR0YWNraW5nIHRoZSBNQUdBIG1vdmVtZW50IGhhdmUgYXdha2VuZWQgYSAgc2xlZXBpbmcgZ2lhbnQsICBmb3JtZXIgUHJlc2lkZW50IERvbmFsZCBUcnVtcCBzYWlkIGR1cmluZyBoaXMgU2F2ZSBBbWVyaWNhIHJhbGx5IGluIFlvdW5nc3Rvd24sIE9oaW8sIG9uIFNhdHVyZGF5IG5pZ2h0LiI-&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEx&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://www.newsmax.com
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
7a22661f4f5301e7
request-time
0
content-length
0
x-content-type-options
nosniff
newsmax_logo_new_footer.png
www.newsmax.com/App_Themes/NewsmaxNew/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsmax.com/App_Themes/NewsmaxNew/images/newsmax_logo_new_footer.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/css/newsmax.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9cef7f743987479022148931132527fe1b8712ea4949cae7a5e9b1b73884f9fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/css/newsmax.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Sun, 25 Sep 2022 16:52:49 GMT
last-modified
Thu, 20 Jan 2022 15:39:30 GMT
server
Akamai Image Manager
etag
"c9df6c4f8c8d81:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=209232
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1940
expires
Wed, 28 Sep 2022 03:00:01 GMT
config.json
player.adtelligent.com/exchange_rates/319104/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/319104/config.json?cb=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
0e0bceace75c4b5d1524ad4d542a9ff7c0c720e5a604d7edd034a3d1aed83e72

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
content-encoding
gzip
last-modified
Sun, 25 Sep 2022 12:01:30 GMT
server
nginx
etag
W/"6330431a-84b"
content-type
application/json
access-control-allow-origin
https://www.newsmax.com
expires
Tue, 27 Sep 2022 16:52:49 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
2755677304707901
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2755677304707901?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
56ebf9588688f321924d70912ae583ac891ce5a72bf13bf8b4982eb3a670b773
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
0HufqVYMFRWv0FdAUdTZ2Ic6vT9Fjwq1h2eTnpGLxUuyGqX241yj133Q89F6DR2hulwJOWJczvQjpVXHW0ogsw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 25 Sep 2022 16:52:50 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2353704501325948&ev=PageView&dl=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&rl=&if=false&ts=1664124769846&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22200489208854101%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22408495800787067%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1664124769845.318140719&it=1664124769311&coo=false&rqm=GET
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Sun, 25 Sep 2022 16:52:49 GMT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5f89c3ccdaa66308/ 		2 KB
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-5f89c3ccdaa66308/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
264a4152036cf4c4deba274551e5faa60e993d776a249c58bcd5fff71d3f59ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
content-encoding
gzip
etag
-1789200638--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=0, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
724
300lo.json
m.addthis.com/live/red_lojson/ 		91 B
251 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=6330876193e91ff5&bkl=0&bl=1&pdt=853&sid=6330876193e91ff5&pub=ra-5f89c3ccdaa66308&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.newsmax.com&fp=us%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=donald%20trump%2Crally%2Cmaga%2Cyoungstown%2Cohio%2Csleeping%20giant%2Csave%20america&colc=1664124769904&jsl=12289&uvs=63308761deb057fc000&skipb=1&callback=addthis.cbs.jsonp__0293126617425814030
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e13bf1e03cd72f04b8bb8cf6341a968a1a192fd350ebda1adef6bdeacf78930d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
91
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 666B 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 1DDE 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Sun, 25 Sep 2022 16:52:49 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
iframe.html
app.beyondwords.io/api/v2/projects/15943/podcasts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.beyondwords.io/api/v2/projects/15943/podcasts/iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.newsmax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PATCH, OPTIONS, DELETE, PUT
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
750545c45debbb8b-FRA
date
Sun, 25 Sep 2022 16:52:50 GMT
server
cloudflare
via
1.1 vegur
15943
audio.beyondwords.io/r/
Redirect Chain
  • https://app.beyondwords.io/api/v2/projects/15943/podcasts/iframe.html
  • https://audio.beyondwords.io/r/15943
7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://audio.beyondwords.io/r/15943
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f853324be60f9bd240ae481ca815542154f5cc07530fa34531fabe726286869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
c2a63975-bdd8-4401-8c90-070805b9a146
x-runtime
0.021092
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, POST, PATCH, OPTIONS, DELETE, PUT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=300
cf-ray
750545c629f2bb8b-FRA
expires
Sun, 25 Sep 2022 16:57:50 GMT

Redirect headers

date
Sun, 25 Sep 2022 16:52:50 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
access-control-allow-origin
*
access-control-max-age
7200
vary
Origin
x-xss-protection
1; mode=block
x-request-id
3fa2d805-303e-4fc6-bab6-a846c5414579
x-runtime
0.007795
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, PATCH, OPTIONS, DELETE, PUT
content-type
text/html; charset=utf-8
location
https://audio.beyondwords.io/r/15943
access-control-expose-headers
cache-control
no-cache
cf-ray
750545c52fd2bb8b-FRA
widget_iframe.c4bdc17e77719578b594d5555bee90db.html
platform.twitter.com/widgets/ Frame B6A0 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fwww.newsmax.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2146149
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Sun, 25 Sep 2022 16:52:49 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 31 Aug 2022 20:40:57 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6723)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
/
ghb.adtelligent.com/geo/ 		144 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x462256/hbw_master_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
c2e808f7162307caeb58b376170c0bd27635d55183a3d0f055295d7ed2fa8313

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:49 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsmax.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
144
tracking
ghb.adtelligent.com/adunit/ 		43 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=319293&site_id=10071&pbjsv=v6.25.1-c&full_page_url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&adid=hkx6ab.ii&features=81952&vpbv=N087&tte=697&lifecycle_tte=2016
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x462256/hbw_master_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:49 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.newsmax.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
web
onesignal.com/api/v1/sync/d4a15f2f-7ca8-48ca-aa1f-0bea58100a1c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/d4a15f2f-7ca8-48ca-aa1f-0bea58100a1c/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7be60bf9813429125aa4f823f1c1b0511f7d4dd7a9bb6617c700470d8884af1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
346
cf-polished
origSize=3398
status
200 OK
x-envoy-upstream-service-time
32
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
40784389-9171-4f96-8638-bf0ae83bc94a
x-runtime
0.030311
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"fc41f2b6643015146e3170958df5176e"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
750545c449529bb8-FRA
access-control-allow-headers
SDK-Version
expires
Sun, 25 Sep 2022 17:52:49 GMT
sponsoredheadline.ashx
www.newsmax.com/cmspages/newsmax/handlers/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/cmspages/newsmax/handlers/sponsoredheadline.ashx?&Url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/js/jquery-3.2.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d896e9d0fc4c7e1ba109755cffc4416210cb2bb25df9eae39524828a876b2e4a
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
gzip
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=55, origin; dur=135
content-length
755
x-ua-compatible
IE=edge
last-modified
Sun, 25 Sep 2022 16:52:50 GMT
server
Microsoft-IIS/10.0
date
Sun, 25 Sep 2022 16:52:50 GMT
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=293
expires
Sun, 25 Sep 2022 16:57:43 GMT
ecomms.ashx
www.newsmax.com/cmspages/newsmax/handlers/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/cmspages/newsmax/handlers/ecomms.ashx?sitename=newsmax&Url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/js/jquery-3.2.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a4dfd75e64b982b6163e6017cb89ec6c5217197a8949330f58a6d1f6991bd541
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
gzip
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=52, origin; dur=358
content-length
654
x-ua-compatible
IE=edge
last-modified
Sun, 25 Sep 2022 16:52:50 GMT
server
Microsoft-IIS/10.0
date
Sun, 25 Sep 2022 16:52:50 GMT
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=253
expires
Sun, 25 Sep 2022 16:57:03 GMT
/
www.google.com/pagead/1p-user-list/971560661/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/971560661/?random=1664124769548&cv=9&fst=1664121600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&tiba=Trump%3A%20%27Thugs%2C%20Tyrants%27%20Awakened%20a%20%27Sleeping%20Giant%27%20%7C%20Newsmax.com&async=1&fmt=3&is_vtc=1&random=828492960&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/971560661/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/971560661/?random=1664124769548&cv=9&fst=1664121600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&tiba=Trump%3A%20%27Thugs%2C%20Tyrants%27%20Awakened%20a%20%27Sleeping%20Giant%27%20%7C%20Newsmax.com&async=1&fmt=3&is_vtc=1&random=828492960&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.newsmax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.newsmax.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Sun, 25 Sep 2022 16:52:50 GMT
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
bid
ap.lijit.com/rtb/ 		25 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.1-c
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
03c6dfd41e6fb9a5dec5e2467e3846a72c8001f62068b65f5fb635aed338aea8

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
pod
X-Sovrn-Pod: ad_ap5ams1
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://www.newsmax.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
25
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1097241a15d3aae26d1191cd8d5d463d479149d21c8306c712ca2f8c559945b8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 25 Sep 2022 16:52:50 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
27202555-f38f-4ec4-9ba5-b997ff135805
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.newsmax.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		274 B
967 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9186fc11b2a687dd6fd7bb9ce6e5f03154f6d4a1361d8a6b4d0d40ad9edc9c13
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:50 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
b5a007fa-5cbc-451c-be45-d56b92a7e50a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.newsmax.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
274
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ortb
bid.contextweb.com/header/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
x-no-bid-reason
Passback by decision
date
Sun, 25 Sep 2022 16:52:50 GMT
server
envoy
hb
ssc.33across.com/api/v1/ 		60 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=c-2cfImqCr7ikOaKlKyvbs
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
fa57a94de8815e3eda62b6878b021b55faf626888cbbf580de8a28ed84990a0d

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsmax.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=c-2cfImqCr7ikOaKlKyvbs
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
fa57a94de8815e3eda62b6878b021b55faf626888cbbf580de8a28ed84990a0d

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsmax.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=c-2cfImqCr7ikOaKlKyvbs
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
fa57a94de8815e3eda62b6878b021b55faf626888cbbf580de8a28ed84990a0d

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsmax.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=c-2cfImqCr7ikOaKlKyvbs
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
fa57a94de8815e3eda62b6878b021b55faf626888cbbf580de8a28ed84990a0d

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsmax.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=c-2cfImqCr7ikOaKlKyvbs
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
fa57a94de8815e3eda62b6878b021b55faf626888cbbf580de8a28ed84990a0d

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsmax.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=c-2cfImqCr7ikOaKlKyvbs
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
fa57a94de8815e3eda62b6878b021b55faf626888cbbf580de8a28ed84990a0d

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsmax.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
trinity.json
apex.go.sonobi.com/ 		204 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221249209b06e9fb64%22%3A%22d199cb3073a591b565b4%7C300x250%7Cgpid%3D%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%2C%22125cef51d54cd6f%22%3A%22d199cb3073a591b565b4%7C300x250%7Cgpid%3D%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%2C%2212697e491963025c%22%3A%22d199cb3073a591b565b4%7C300x250%7Cgpid%3D%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%2C%221273c824ccb27d94%22%3A%22d199cb3073a591b565b4%7C300x250%7Cgpid%3D%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%2C%221281bb84761bd9f%22%3A%22d199cb3073a591b565b4%7C300x250%7Cgpid%3D%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%2C%22129f48abfa7614f2%22%3A%22d199cb3073a591b565b4%7C300x250%7Cgpid%3D%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%7D&ref=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&s=807279db-b1f2-4a4a-b61b-80e733ec5d7b&pv=ed25d186-c410-4935-87d7-ba82bf7300fb&vp=desktop&lib_name=prebid&lib_v=6.25.1-c&us=0&ius=1&userid=%7B%22pubcid%22%3A%22f3acf268-ea21-4048-9348-eb53b33883e9%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f3acf268-ea21-4048-9348-eb53b33883e9%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
2c97cf46eba9175dacef3b2f48dbc995bfb45c10252f04c54373d3e9c3cac24c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:50 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-110
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.newsmax.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
163
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		380 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=291906&zone_id=1978904&size_id=15&eid_pubcid.org=f3acf268-ea21-4048-9348-eb53b33883e9%5E1&rf=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&tg_i.pbadslot=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=ec482a57-58ae-4a03-935b-917d6d57eb55&l_pb_bid_id=131f5ac29f2d9f04&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&slots=1&rand=0.6473625332274888
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8edc122b4af22856c447b956e3624e7eef46790989835e24ca05ca1724089a0a

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:50 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.newsmax.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
380
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		380 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=291906&zone_id=1978904&size_id=15&eid_pubcid.org=f3acf268-ea21-4048-9348-eb53b33883e9%5E1&rf=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&tg_i.pbadslot=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=f142fe01-ebb9-416f-966a-6f299da17aba&l_pb_bid_id=132e35199dd6fbd9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&slots=1&rand=0.22081800247175565
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7e5d5a059c7d1eca2b3bf6e72ce26282597bb69e0b8f5e58125acd1219dd3d47

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:50 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.newsmax.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
380
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		380 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=291906&zone_id=1978904&size_id=15&eid_pubcid.org=f3acf268-ea21-4048-9348-eb53b33883e9%5E1&rf=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&tg_i.pbadslot=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=d9a56243-0f10-4c8e-b332-3d684f38fede&l_pb_bid_id=1337d1974d7c99f7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&slots=1&rand=0.024813605189450305
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a3685b9d4693dfaf046bce791f9ac15ff0489c42fc38a7fb156ebb921db86421

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:50 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.newsmax.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
380
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		380 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=291906&zone_id=1978904&size_id=15&eid_pubcid.org=f3acf268-ea21-4048-9348-eb53b33883e9%5E1&rf=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&tg_i.pbadslot=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=a9ea7ebd-d878-47ab-aa8f-b42ca609073d&l_pb_bid_id=134457cd1b668e7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&slots=1&rand=0.10658456644994807
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5de21940b9c196fbe32c6df9084c26b88f9ae329642141a5a616c27b2ee90b3a

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:50 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.newsmax.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
380
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		380 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=291906&zone_id=1978904&size_id=15&eid_pubcid.org=f3acf268-ea21-4048-9348-eb53b33883e9%5E1&rf=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&tg_i.pbadslot=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=9e6c9544-2978-44cb-8351-dcc1a53a9bed&l_pb_bid_id=135da980fc5fb6d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&slots=1&rand=0.915251131807765
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3d59c38f29219076d85b1a323bebc72fdf2079d419107a935516a516a82551a9

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:50 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.newsmax.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
380
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		380 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=291906&zone_id=1978904&size_id=15&eid_pubcid.org=f3acf268-ea21-4048-9348-eb53b33883e9%5E1&rf=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&tg_i.pbadslot=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=1d9b2fb8-4825-4cdf-92b8-29a70e2dc1c5&l_pb_bid_id=136d7aff89096d24&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&slots=1&rand=0.14180312551895247
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
75901c93894eb616d8c7a232bf58969dfa3899a4ddacdfcab0bb5d6e16ea28a2

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:50 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.newsmax.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
380
Expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.newsmax.com
pragma
no-cache
date
Sun, 25 Sep 2022 16:52:50 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
arj
os4m-d.openx.net/w/1.0/ 		73 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ec482a57-58ae-4a03-935b-917d6d57eb55%2Cf142fe01-ebb9-416f-966a-6f299da17aba%2Cd9a56243-0f10-4c8e-b332-3d684f38fede%2Ca9ea7ebd-d878-47ab-aa8f-b42ca609073d%2C9e6c9544-2978-44cb-8351-dcc1a53a9bed%2C1d9b2fb8-4825-4cdf-92b8-29a70e2dc1c5&nocache=1664124770025&pubcid=f3acf268-ea21-4048-9348-eb53b33883e9&aus=300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250&divids=div-gpt-ad-us-9e713434-87cb-4373-bbb4-b0a07af5ac92%2Cdiv-gpt-ad-us-9a81c0f6-4fe7-455c-b0c5-50a8578a656c%2Cdiv-gpt-ad-us-03ee2224-9534-4c08-b8cd-0377a3e433ae%2Cdiv-gpt-ad-us-300c51ed-14d6-490e-8784-2461bfbef0f2%2Cdiv-gpt-ad-us-4e920ea2-ad0f-4e57-a6fa-a84d458c9024%2Cdiv-gpt-ad-us-7664ab2f-619e-4502-975e-9af649a0c3f1&aucs=%252F6305169%252FNewsmax%252FNewsmax%2523div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%2C%252F6305169%252FNewsmax%252FNewsmax%2523div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%2C%252F6305169%252FNewsmax%252FNewsmax%2523div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%2C%252F6305169%252FNewsmax%252FNewsmax%2523div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%2C%252F6305169%252FNewsmax%252FNewsmax%2523div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%2C%252F6305169%252FNewsmax%252FNewsmax%2523div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3&auid=543966149%2C543966149%2C543966149%2C543966149%2C543966149%2C543966149
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
961dda22525572016c6103bc68c40c30dc924ad3fc17e079a4b9e6c5a2d5ed8d

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:50 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsmax.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.newsmax.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=79392516856
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Sep 2022 16:52:49 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.newsmax.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cygnus
htlb.casalemedia.com/ 		38 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=728004&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221680f863e42bcb95%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A0%2C%22bu%22%3A6%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A6%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.1-c%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22169273df52e62e78%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22728004%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%7D%7D%2C%7B%22id%22%3A%22171d54a2d7dd75ab%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22728004%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%7D%7D%2C%7B%22id%22%3A%221735da302b824476%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22728004%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%7D%7D%2C%7B%22id%22%3A%22175288aa339b772a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22728004%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%7D%7D%2C%7B%22id%22%3A%2217741d92ad3ebd4f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22728004%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22728004%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%7D%7D%2C%7B%22id%22%3A%22179a699bacc43d4d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22728004%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F6305169%2FNewsmax%2FNewsmax%23div-gpt-ad-us-26bf1b34-f522-45ae-82c4-0bbaa0c387c3%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f3acf268-ea21-4048-9348-eb53b33883e9%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1171885a6d2ab2eb72e3b49ed9c235b20ebf1d45b20d1535730c19b073806768

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39beUqiKKHKK80bGcOi8Rp%2BvlEEcZnrtOVrXkzzZvHn51TjMNjYp%2FZCXsQYlpZj7nvOzpIiV8kj81RJTfaYIUDVwlLIEYK%2F4mgnv8umEL1paOhdarSJwI0Lkv11ynheXqA5vKixi"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
750545c53e699b9b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
cast_sender.js
www.gstatic.com/eureka/clank/105/ Frame 8318 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/105/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 15:35:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15116
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 15:05:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 26 Sep 2022 15:35:09 GMT
settings
syndication.twitter.com/ Frame B6A0 		771 B
648 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=a29d9f09ba2c35e215413770dd40243ae31e9ddc
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fwww.newsmax.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
0369a4dc49c5d2d0633a1b966e8b1071b05279fddda61e151661b3307656a9f7
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time
108
date
Sun, 25 Sep 2022 16:52:50 GMT
content-encoding
gzip
last-modified
Sun, 25 Sep 2022 16:52:50 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
18ed243bfbd44ed6
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
1d1844e5078cea7a14b75447c39c1016cfe12b549a5c12b8ef94277ff57d40d2
content-length
327
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Sun, 25 Sep 2022 16:52:50 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8318 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c5d0df13260eb9ca7a752bbafa14b8435422c549b87dbce8958406942d59967d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 25 Sep 2022 16:52:50 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2755677304707901&ev=PageView&dl=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&rl=&if=false&ts=1664124770156&sw=1600&sh=1200&v=2.9.84&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1664124769845.318140719&it=1664124769311&coo=false&rqm=GET
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Sun, 25 Sep 2022 16:52:50 GMT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
15943
audio.beyondwords.io/r/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://audio.beyondwords.io/r/15943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PATCH, OPTIONS, DELETE, PUT
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
750545c5c92fbb8b-FRA
date
Sun, 25 Sep 2022 16:52:50 GMT
server
cloudflare
via
1.1 vegur
151.67aec2e0546e639563bb.js
s7.addthis.com/static/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/151.67aec2e0546e639563bb.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-68f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Sun, 25 Sep 2022 16:52:50 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
815
shares-post.json
api-public.addthis.com/url/serviceapi/ 		2 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
surrogate-key
sFbt=https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
last-modified
Sun, 25 Sep 2022 16:00:00 GMT
server
nginx/1.15.8
date
Sun, 25 Sep 2022 16:52:50 GMT
content-type
application/json
access-control-allow-origin
https://www.newsmax.com
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
delivery.js
assets.newsmaxwidget.com/master/ 		153 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.newsmaxwidget.com/master/delivery.js
Requested by
Host: static.newsmaxfeednetwork.com
URL: https://static.newsmaxfeednetwork.com/web-clients/bootloaders/ZlB6kIzR8vJVn32BbZzMWv/bootloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6409a3197cf3c4dbdea7fe09e73ef51b077d98df9351aa3bee222cdc3d7e7160

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
content-encoding
gzip
last-modified
Fri, 23 Sep 2022 14:13:26 GMT
server
AmazonS3
x-amz-request-id
YHW0MVC09CSCNMZ1
etag
"ccd38f0e7c3297bd0a5dbd38a27821be"
x-hw
1664124770.cds123.fr8.hn,1664124770.cds288.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
49673
x-amz-id-2
PLx7u51kUKQsENyvyMSKd87u4T51P+UuM/OA/AfLRxho/kiVYHKf3YYvs1yrffo2TX+ClI4eHaA=
generic
trends.newsmaxwidget.com/event/ 		0
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.newsmaxwidget.com/event/generic?t=e0BexIGnHI9%2BpNjG49wkYEyVM4y3BQNxwkTNY7a7dgvvBvz6%2FYgrimsvlkxxk7S%2BA%2FaojW3WOF3%2FGbHkr3qzjPKHxbgzvCAowRUaLS4dKWY%3D&e=adapty&s[ref]=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&s[hash]=ZlB6kIzR8vJVn32BbZzMWv
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.210.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-210-64.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 25 Sep 2022 16:52:52 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
750545c618df5c4a-FRA
date
Sun, 25 Sep 2022 16:52:50 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
1869
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 25 Oct 2022 16:52:50 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=6.005834980072033
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-J6sTlLJm8D9i9PAQ-qk-rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorServingDetectionHttp"
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type
image/gif
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-J6sTlLJm8D9i9PAQ-qk-rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=10.075106257365203
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-yi04ysl4q7ADppeqovQzqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-yi04ysl4q7ADppeqovQzqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Sun, 25 Sep 2022 16:52:50 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
image/gif
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV1OJDJbixmqH5BBwlmqFdjSR9QqXv4MS6bz-LIZrU2h_Mx8piwPqmpALR6CfVzD0sGjtL_JbdTq4HRaT2f_9l3nONRJlyVYH9jVDQvEd1WZplML6pumiYrxlRCWUebbpMuElWDTg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV1OJDJbixmqH5BBwlmqFdjSR9QqXv4MS6bz-LIZrU2h_Mx8piwPqmpALR6CfVzD0sGjtL_JbdTq4HRaT2f_9l3nONRJlyVYH9jVDQvEd1WZplML6pumiYrxlRCWUebbpMuElWDTg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HeLKs7OSVnQ.es5.O/d=1/rs=AJlcJMwBLk6619v5WoRCnR3zCq7ycanAFg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-G4GVNAVFlOpQz0d5J2Raiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.newsmax.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-G4GVNAVFlOpQz0d5J2Raiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame CCB9 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.newsmax.com
Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.newsmax.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sun, 25 Sep 2022 16:52:50 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
pixel_44c57ca
www.newsmax.com/akam/13/ 		0
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.newsmax.com/akam/13/pixel_44c57ca
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/akam/13/44c57ca
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=36
content-length
0
content-type
text/html
15943
audio.beyondwords.io/cf/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://audio.beyondwords.io/cf/15943?article_url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F
Requested by
Host: proxy.beyondwords.io
URL: https://proxy.beyondwords.io/npm/@beyondwords/audio-player@latest/dist/module/iframe-helper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8c6fa984ff3a7129c404fde0f79f0cb985e8c87c722874a0c947d160dd43e1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
546fd943-cd54-44e6-aa18-2eb7f05c92c5
x-runtime
0.043965
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"b8c6fa984ff3a7129c404fde0f79f0cb"
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, POST, PATCH, OPTIONS, DELETE, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=300
cf-ray
750545c78d18bb8b-FRA
expires
Sun, 25 Sep 2022 16:57:50 GMT
15943
audio.beyondwords.io/cf/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://audio.beyondwords.io/cf/15943?article_url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.newsmax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PATCH, OPTIONS, DELETE, PUT
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
750545c72c57bb8b-FRA
date
Sun, 25 Sep 2022 16:52:50 GMT
server
cloudflare
via
1.1 vegur
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 		199 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.68.199 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-68-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5eb141717f51c44f96058d241cfd4183c21632385e0b9fa1163ca9d8f7f606d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
content-encoding
gzip
last-modified
Fri, 08 Jul 2022 20:07:19 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=67679
accept-ranges
bytes
content-type
application/javascript
content-length
62062
expires
Mon, 26 Sep 2022 11:40:49 GMT
a-026z
i.liadm.com/s/c/ Frame 810E 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01gdts1n9nbjeccsjg33v44bv0&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.172.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-172-131.compute-1.amazonaws.com
Software
/
Resource Hash
74cf92918c890b284b78f091857714667c52d34e5839bcb245d593991a2783b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
638
Content-Type
text/html; charset=UTF-8
Date
Sun, 25 Sep 2022 16:52:50 GMT
ETag
1.61803398874
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
/
trends.newsmaxwidget.com/api/demand/ 		0
0
sync
trends.newsmaxwidget.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/sync
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.210.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-210-64.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:50 GMT
access-control-allow-credentials
true
server
openresty
x-envoy-upstream-service-time
1
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
amp.min.css
amp.akamaized.net/players/9.1.9+premier/akamai/amp/core/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/core/amp.min.css
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.9&_=1664124768915
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:dc::6853:538 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
64751a151c60076c950a230ac692ac7ae5ccef6a53dc14ae8d57a594f4156ed0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Feb 2022 17:33:36 GMT
Server
AkamaiNetStorage
ETag
"27aaad56ad32202160dad3257fddb67e:1645810416.146277"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
957
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		378 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.9&_=1664124768915
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5b318376c54a718bcb2422a99b9a38435b3021e0871d7a0c1c4ad6a9f017b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128888
x-xss-protection
0
expires
Sun, 25 Sep 2022 16:52:50 GMT
Ima.min.js
amp.akamaized.net/players/9.1.9+premier/akamai/amp/ima/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/ima/Ima.min.js
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.9&_=1664124768915
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:dc::6853:538 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8476e023a74cecf03e25daada89c02053cc89a021dee725e4ba195dfdadda1d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Feb 2022 17:34:10 GMT
Server
AkamaiNetStorage
ETag
"1d83e6079473c1b57865fce8b1b2ba3e:1645810450.303186"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
6341
Googleanalytics.js
amp.akamaized.net/players/9.1.9+premier/akamai/amp/googleanalytics/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/googleanalytics/Googleanalytics.js
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.9&_=1664124768915
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:dc::6853:538 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
19f71a629871e89dc309b963bf234769101f4c114d59b9335c7a15891821e03c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Feb 2022 17:34:18 GMT
Server
AkamaiNetStorage
ETag
"41b58d503f16eae27fc1184bc4e57232:1645810458.574361"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
2094
javascript_malibrary.js
79423.analytics.edgekey.net/ma_library/javascript/ 		306 KB
307 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://79423.analytics.edgekey.net/ma_library/javascript/javascript_malibrary.js
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.9&_=1664124768915
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.134.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-193.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7f4f75fb519a433c4dc8dcd6ba9749cfb7c4a21e4cda5d9daea541bacdc76d71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:50 GMT
Last-Modified
Thu, 24 Oct 2019 14:43:03 GMT
Server
AkamaiNetStorage
ETag
"d83076051245dae673088590db1aca3f:1571928183"
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
313515
Expires
Sun, 25 Sep 2022 16:52:50 GMT
Mediaanalytics.min.js
amp.akamaized.net/players/9.1.9+premier/akamai/amp/mediaanalytics/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/mediaanalytics/Mediaanalytics.min.js
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.9&_=1664124768915
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:dc::6853:538 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1d0cb525db1d96aeb176ff1f95275446dc1fcc4235d7e650764127a172b7d634

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Feb 2022 17:33:45 GMT
Server
AkamaiNetStorage
ETag
"7ed59a74ca32791479330b9b37362779:1645810425.280751"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
1729
react.min.js
amp.akamaized.net/players/9.1.9+premier/akamai/amp/react/libs/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/react/libs/react.min.js
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.9&_=1664124768915
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:dc::6853:538 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
68130f5af465db2a91fee676da2cf20e4882de672632d70633131990990eff57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Feb 2022 17:35:02 GMT
Server
AkamaiNetStorage
ETag
"bb734f5a5b9a48012426778795833251:1645810501.899183"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
10142
/
www.facebook.com/tr/ Frame 4C9F 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.newsmax.com
Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.newsmax.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sun, 25 Sep 2022 16:52:50 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
5141405
audio.beyondwords.io/e/ Frame 7C49 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://audio.beyondwords.io/e/5141405
Requested by
Host: proxy.beyondwords.io
URL: https://proxy.beyondwords.io/npm/@beyondwords/audio-player@latest/dist/module/iframe-helper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f167523e2439e9cc65490e5fe063ee0d3a9ad7d890bf1f53c3194d5ab16c17e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=300
cf-cache-status
MISS
cf-ray
750545c8ff0abb53-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 25 Sep 2022 16:52:50 GMT
expires
Sun, 25 Sep 2022 16:57:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Accept-Encoding
via
1.1 vegur
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
8813c2aa-a2b7-48fa-9db3-dae8b80674ee
x-runtime
0.088077
x-xss-protection
1; mode=block
api-errors
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.newsmax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Sun, 25 Sep 2022 16:52:51 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
0
api-errors
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Sun, 25 Sep 2022 16:52:51 GMT
x-envoy-upstream-service-time
8
Server
openresty
Connection
keep-alive
vary
Origin
/
trends.newsmaxwidget.com/api/delivery/ 		0
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=915411207&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&ul=en-us&de=UTF-8&dt=Trump%3A%20%27Thugs%2C%20Tyrants%27%20Awakened%20a%20%27Sleeping%20Giant%27%20%7C%20Newsmax.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEABAAAAAG~&jid=836680497&gjid=1925025960&cid=1883331922.1664124769&tid=UA-31221-56&_gid=1161030251.1664124769&_r=1&_slc=1&z=1818181496
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame 7C49 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-97997734-2
Requested by
Host: audio.beyondwords.io
URL: https://audio.beyondwords.io/e/5141405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
52bcc52d907f346ed5c8e6b599e3864bb795340197fe0668811d5b803fb378e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audio.beyondwords.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42253
x-xss-protection
0
last-modified
Sun, 25 Sep 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 25 Sep 2022 16:52:51 GMT
bundle.min.js
browser.sentry-cdn.com/5.19.0/ Frame 7C49 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/5.19.0/bundle.min.js
Requested by
Host: audio.beyondwords.io
URL: https://audio.beyondwords.io/e/5141405
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
17b100a07eaf050f9955f6ded96ceac0cec7bf008cb3fc78e32fb70af65eaf7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://audio.beyondwords.io/
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:50 GMT
content-encoding
gzip
last-modified
Wed, 01 Jul 2020 14:52:33 GMT
server
Fastly
age
3401080
etag
"99b288bb0b24464f9d01497e633c6f85"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
17644
expires
Thu, 17 Aug 2023 08:08:10 GMT
deliverads.
fundingchoicesmessages.google.com/f/AGSKWxV-16fBScFxS4Mz8HSQhDXSsHSQolZ2DTP7YeVaJocLAfiyGlY49M1WYfdg6EnJ4nZxNJ4Axs_XGMqTiQ7O1BvBOfP_ey3kkGbAf5hHNoCj8BmJ4wfZ5irp289Q65bhZ5-7t74MlVjI882K2vku89xG3AVuh... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV-16fBScFxS4Mz8HSQhDXSsHSQolZ2DTP7YeVaJocLAfiyGlY49M1WYfdg6EnJ4nZxNJ4Axs_XGMqTiQ7O1BvBOfP_ey3kkGbAf5hHNoCj8BmJ4wfZ5irp289Q65bhZ5-7t74MlVjI882K2vku89xG3AVuhAwy3SMhT78E87nyyitNk8loL5PS8yc4/__438x50./satnetads./orbitads./sponslink_/deliverads.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HeLKs7OSVnQ.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwBLk6619v5WoRCnR3zCq7ycanAFg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51e17e3f5e6852ad0460fdb853ad606b6a686fbc52314015748c2510bbb4d91b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-wcrCfJsLW7qmoUOATNAVZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-wcrCfJsLW7qmoUOATNAVZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
date
Sun, 25 Sep 2022 16:52:51 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		150 B
653 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HeLKs7OSVnQ.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwBLk6619v5WoRCnR3zCq7ycanAFg/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40b236f82ab80f86a107f3f515f08efd59e273ef9120c58ef6f1f92c5a59676f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:37:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
933
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
149
x-xss-protection
0
server
cafe
etag
8503686451332090603
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 25 Sep 2022 17:37:18 GMT
AGSKWxV1OJDJbixmqH5BBwlmqFdjSR9QqXv4MS6bz-LIZrU2h_Mx8piwPqmpALR6CfVzD0sGjtL_JbdTq4HRaT2f_9l3nONRJlyVYH9jVDQvEd1WZplML6pumiYrxlRCWUebbpMuElWDTg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV1OJDJbixmqH5BBwlmqFdjSR9QqXv4MS6bz-LIZrU2h_Mx8piwPqmpALR6CfVzD0sGjtL_JbdTq4HRaT2f_9l3nONRJlyVYH9jVDQvEd1WZplML6pumiYrxlRCWUebbpMuElWDTg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HeLKs7OSVnQ.es5.O/d=1/rs=AJlcJMwBLk6619v5WoRCnR3zCq7ycanAFg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lSaKAaJ9BCnt0VNu-8C0iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.newsmax.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lSaKAaJ9BCnt0VNu-8C0iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires
Mon, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.adtelligent.com/adunit/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x462256/hbw_master_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.newsmax.com
Date
Sun, 25 Sep 2022 16:52:50 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
c81588e1b55f415ea3e11a5d29eaf374
i.liadm.com/s/e/a-026z/0/ Frame 810E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-026z%2F0%2Fc81588e1b55f415ea3e11a5d29eaf374%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&75f180be-dd61-4db0-a4ee-5c0...
  • https://i.liadm.com/s/e/a-026z/0/c81588e1b55f415ea3e11a5d29eaf374?mpid=7156&muid=8e6f6330-8763-4a00-9cae-d353eadd48d8
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/a-026z/0/c81588e1b55f415ea3e11a5d29eaf374?mpid=7156&muid=8e6f6330-8763-4a00-9cae-d353eadd48d8
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01gdts1n9nbjeccsjg33v44bv0&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
54.198.172.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-172-131.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:51 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Sun, 25 Sep 2022 16:52:51 GMT
Server
MT3 4505 5b23575 master zrh-pixel-x13 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/a-026z/0/c81588e1b55f415ea3e11a5d29eaf374?mpid=7156&muid=8e6f6330-8763-4a00-9cae-d353eadd48d8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 25 Sep 2022 16:52:50 GMT
generic
match.adsrvr.org/track/cmf/ Frame 810E 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01gdts1n9nbjeccsjg33v44bv0&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
52164
i.liadm.com/s/ Frame 810E
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=75f180be-dd61-4db0-a4ee-5c06ce3ac0e4&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=75f180be-dd61-4db0-a4ee-5c06ce3ac0e4&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=f92e2c29-b3d0-4ca3-8215-9a4a3292749f
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=75f180be-dd61-4db0-a4ee-5c06ce3ac0e4
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=liveintent&gdpr=&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=273&smartmap=1&gdpr=&gdpr_consent=&redirect=x.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3D%25_rid%26ssp%3Dliveintent
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=70d7ab68a8b84f3c/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=70d7ab68a8b84f3c/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26g...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3D7GPoEAlsTaQTghUSgShSWMYj%26ssp%3Dliveintent
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=7GPoEAlsTaQTghUSgShSWMYj&ssp=liveintent
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=f92e2c29-b3d0-4ca3-8215-9a4a3292749f
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=f92e2c29-b3d0-4ca3-8215-9a4a3292749f
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01gdts1n9nbjeccsjg33v44bv0&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
54.198.172.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-172-131.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:52 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
//i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=f92e2c29-b3d0-4ca3-8215-9a4a3292749f
Date
Sun, 25 Sep 2022 16:52:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
c81588e1b55f415ea3e11a5d29eaf374
i.liadm.com/s/e/a-026z/0/ Frame 810E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=75f180be-dd61-4db0-a4ee-5c06ce3ac0e4&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-026z%2F0%2Fc81588e1b55f415ea3e11a5d29eaf374%3Fmpid%3D82775%26muid%3D%2...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=75f180be-dd61-4db0-a4ee-5c06ce3ac0e4&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-026z%2F0%2Fc81588e1b55f415ea3e11a5d29eaf374%3Fmp...
  • https://i.liadm.com/s/e/a-026z/0/c81588e1b55f415ea3e11a5d29eaf374?mpid=82775&muid=13370628435354752492785162985303783267
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/a-026z/0/c81588e1b55f415ea3e11a5d29eaf374?mpid=82775&muid=13370628435354752492785162985303783267
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01gdts1n9nbjeccsjg33v44bv0&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
54.198.172.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-172-131.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:51 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

DCS
dcs-prod-irl1-1-v042-0bbd03de2.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
8K8dqXJkT9A=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://i.liadm.com/s/e/a-026z/0/c81588e1b55f415ea3e11a5d29eaf374?mpid=82775&muid=13370628435354752492785162985303783267
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
live_intent_sync
x.dlx.addthis.com/e/ Frame 810E
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=75f180be-dd61-4db0-a4ee-5c06ce3ac0e4
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=75f180be-dd61-4db0-a4ee-5c06ce3ac0e4&rd=Y
43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=75f180be-dd61-4db0-a4ee-5c06ce3ac0e4&rd=Y
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01gdts1n9nbjeccsjg33v44bv0&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Server
2.20.72.167 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-72-167.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:51 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 25 Sep 2022 16:52:51 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=75f180be-dd61-4db0-a4ee-5c06ce3ac0e4&rd=Y
pragma
no-cache
date
Sun, 25 Sep 2022 16:52:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Sun, 25 Sep 2022 16:52:51 GMT
/
trc.taboola.com/sg/liveintent/1/cm/ Frame 810E 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/liveintent/1/cm/
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01gdts1n9nbjeccsjg33v44bv0&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
11
pragma
no-cache
date
Sun, 25 Sep 2022 16:52:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1664124771.118267,VS0,VE11
x-served-by
cache-hhn4041-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
35004
i6.liadm.com/s/ Frame 810E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
  • https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-026z?s=&cim=&ps=true&ls=true&duid=cd49d5059397--01gdts1n9nbjeccsjg33v44bv0&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:da96:e3d4:ff6d:c616 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:52 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Date
Sun, 25 Sep 2022 16:52:51 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
index.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ Frame 7C49 		163 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/index.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12b00dd2ef9e72b1cf20247b7312dc9c8618f0be4fadac78210fd43a1cd96a53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://audio.beyondwords.io/
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
454330
x-jsd-version
0.0.6-rc16
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
150
x-served-by
cache-fra19167-FRA, cache-iad-kiad7000109-IAD
timing-allow-origin
*
access-control-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"a3-YmRc8+IToBTO7iF7B836MX6uM6I"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYW83ZA5uO9JfPT3MRvZWj7daNMOKRmAY%2FXqWEbANQB9IiTmiXujqpv77qrGACuiE2CIOwSkfSe9DOYal4EtZnMZltToPXAFMGaV09oeTeRtp%2FfIkXDkEuk99Xfj1vy%2Fg24%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 vegur
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
750545cb2c8bbb8b-FRA
expires
Sun, 02 Oct 2022 16:52:51 GMT
AGSKWxV1OJDJbixmqH5BBwlmqFdjSR9QqXv4MS6bz-LIZrU2h_Mx8piwPqmpALR6CfVzD0sGjtL_JbdTq4HRaT2f_9l3nONRJlyVYH9jVDQvEd1WZplML6pumiYrxlRCWUebbpMuElWDTg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV1OJDJbixmqH5BBwlmqFdjSR9QqXv4MS6bz-LIZrU2h_Mx8piwPqmpALR6CfVzD0sGjtL_JbdTq4HRaT2f_9l3nONRJlyVYH9jVDQvEd1WZplML6pumiYrxlRCWUebbpMuElWDTg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HeLKs7OSVnQ.es5.O/d=1/rs=AJlcJMwBLk6619v5WoRCnR3zCq7ycanAFg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ivv_6m2R_QrVsQhoABSuXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.newsmax.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ivv_6m2R_QrVsQhoABSuXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires
Mon, 01 Jan 1990 00:00:00 GMT
sdk-03607820.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ Frame 7C49 		70 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/sdk-03607820.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e81bebe8ea7dfd1945b109a9fe486ecf3b8951306ad8d3f6691c29dc2ab3352d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/index.js
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
454329
x-jsd-version
0.0.6-rc16
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
28436
x-served-by
cache-fra19178-FRA, cache-iad-kiad7000042-IAD
timing-allow-origin
*
access-control-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"11780-JdwZ9sJpS4uusV7lP7boKmZG0yo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVtBOMvpZEvFaataDNxI2mlWyfRhbL3VLAilvc11QcDBic%2BkUVSKv1P6q9bevvV4jrFPekq%2F1gZwUJ1SJpm2fVDZowxjQR6DiULrawDGOUPojH8MGUpv0It0i5lgqWLo5S8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 vegur
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
750545cb5cf6bb8b-FRA
expires
Sun, 02 Oct 2022 16:52:51 GMT
analytics.js
www.google-analytics.com/ Frame 7C49 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97997734-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audio.beyondwords.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
1519
date
Sun, 25 Sep 2022 16:27:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Sun, 25 Sep 2022 18:27:32 GMT
js
www.googletagmanager.com/gtag/ Frame 7C49 		210 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N8K3K3VS5M&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97997734-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9500a28c9236572133e8e9ee302ccc8bdbeda7be6e0c5ec45df237f09be12608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audio.beyondwords.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75157
x-xss-protection
0
expires
Sun, 25 Sep 2022 16:52:51 GMT
a
www.googletagmanager.com/ Frame 7C49 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-97997734-2&cv=1&v=3&t=t&pid=1577761750&rv=9l0&es=1&e=gtm.init_consent&eid=-1&tc=1&dl=audio.beyondwords.io%2Fe%2F5141405&tdp=UA-97997734-2;;0;0;0&z=0
Requested by
Host: audio.beyondwords.io
URL: https://audio.beyondwords.io/e/5141405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audio.beyondwords.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:51 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
td
www.googletagmanager.com/ Frame 7C49 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=UA-97997734-2&cv=1&v=3&t=t&pid=1577761750&rv=9l0&es=1&e=gtm.init_consent&eid=-1&tc=1&dl=audio.beyondwords.io%2Fe%2F5141405&tdp=UA-97997734-2;;0;0;0&z=0
Requested by
Host: audio.beyondwords.io
URL: https://audio.beyondwords.io/e/5141405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audio.beyondwords.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:51 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ Frame 7C49 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-97997734-2&cv=1&v=3&t=t&pid=1577761750&rv=9l0&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAAAAQ&tc=1&z=0
Requested by
Host: audio.beyondwords.io
URL: https://audio.beyondwords.io/e/5141405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audio.beyondwords.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:51 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ Frame 7C49 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-97997734-2&cv=1&v=3&t=t&pid=1577761750&rv=9l0&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAAAAAQ&tc=1&tr=1rep&ti=1rep&z=0
Requested by
Host: audio.beyondwords.io
URL: https://audio.beyondwords.io/e/5141405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audio.beyondwords.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:51 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ Frame 7C49 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-97997734-2&cv=1&v=3&t=t&pid=1577761750&rv=9l0&es=1&e=gtag.config&eid=2&u=AAAAAAAAAAAAAAAAQ&tc=1&epr=1UA&z=0
Requested by
Host: audio.beyondwords.io
URL: https://audio.beyondwords.io/e/5141405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audio.beyondwords.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:51 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ Frame 7C49 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-97997734-2&cv=1&v=3&t=t&pid=1577761750&rv=9l0&es=1&e=gtag.config&eid=3&u=AAAAAAAAAAAAAAAAQ&tc=1&z=0
Requested by
Host: audio.beyondwords.io
URL: https://audio.beyondwords.io/e/5141405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audio.beyondwords.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:51 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon-31098.xml
ma1540-r.analytics.edgekey.net/config/ 		12 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ma1540-r.analytics.edgekey.net/config/beacon-31098.xml
Requested by
Host: 79423.analytics.edgekey.net
URL: https://79423.analytics.edgekey.net/ma_library/javascript/javascript_malibrary.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10e:29e::aa5 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a9e69f834d41d6286b7a5e97be78f9bfce63f3de2fa5bd5d46d03a1b86492878

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:51 GMT
Last-Modified
Mon, 16 May 2022 08:20:57 GMT
Server
AkamaiNetStorage
ETag
"d3a874ff71d6fee84e71665b1ff23d9f:1652689257.04881"
Content-Type
application/xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12174
Expires
Sun, 25 Sep 2022 16:52:51 GMT
settings
audio.beyondwords.io/api/v1/ Frame 7C49 		140 B
345 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://audio.beyondwords.io/api/v1/settings
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.19.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fed3488b948079beb8ee72478122cd2d04a753f443f89b6d871a0a746c933e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://audio.beyondwords.io/e/5141405
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
58
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-xss-protection
1; mode=block
x-request-id
cd34e2c1-daf9-4559-a1a7-2708e6445aeb
x-runtime
0.010137
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"4fed3488b948079beb8ee72478122cd2"
x-download-options
noopen
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
public, max-age=300
cf-ray
750545cbabebbb53-FRA
expires
Sun, 25 Sep 2022 16:57:51 GMT
AGSKWxV1OJDJbixmqH5BBwlmqFdjSR9QqXv4MS6bz-LIZrU2h_Mx8piwPqmpALR6CfVzD0sGjtL_JbdTq4HRaT2f_9l3nONRJlyVYH9jVDQvEd1WZplML6pumiYrxlRCWUebbpMuElWDTg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV1OJDJbixmqH5BBwlmqFdjSR9QqXv4MS6bz-LIZrU2h_Mx8piwPqmpALR6CfVzD0sGjtL_JbdTq4HRaT2f_9l3nONRJlyVYH9jVDQvEd1WZplML6pumiYrxlRCWUebbpMuElWDTg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HeLKs7OSVnQ.es5.O/d=1/rs=AJlcJMwBLk6619v5WoRCnR3zCq7ycanAFg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iouCMPxOx6l8OrYaEVqeUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.newsmax.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iouCMPxOx6l8OrYaEVqeUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV1OJDJbixmqH5BBwlmqFdjSR9QqXv4MS6bz-LIZrU2h_Mx8piwPqmpALR6CfVzD0sGjtL_JbdTq4HRaT2f_9l3nONRJlyVYH9jVDQvEd1WZplML6pumiYrxlRCWUebbpMuElWDTg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV1OJDJbixmqH5BBwlmqFdjSR9QqXv4MS6bz-LIZrU2h_Mx8piwPqmpALR6CfVzD0sGjtL_JbdTq4HRaT2f_9l3nONRJlyVYH9jVDQvEd1WZplML6pumiYrxlRCWUebbpMuElWDTg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HeLKs7OSVnQ.es5.O/d=1/rs=AJlcJMwBLk6619v5WoRCnR3zCq7ycanAFg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NC6nx0HA4y6-SCpD7ea_cA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.newsmax.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NC6nx0HA4y6-SCpD7ea_cA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW4cRO2U1KNZY92aApcRXj0AuDDOhtR1Vh5MTJZMgRmB7Q3vcc4UcJVe56O0SkGHvD9ZuwVNYXZMgGgKdCX6VUlXrBbL-BpNEj0wxfnqXgIFkVmvzOUqTMPor968HIAEDb9iKOdEA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW4cRO2U1KNZY92aApcRXj0AuDDOhtR1Vh5MTJZMgRmB7Q3vcc4UcJVe56O0SkGHvD9ZuwVNYXZMgGgKdCX6VUlXrBbL-BpNEj0wxfnqXgIFkVmvzOUqTMPor968HIAEDb9iKOdEA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY0MTI0NzcxLDE0MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm5ld3NtYXguY29tL3VzL2RvbmFsZC10cnVtcC1yYWxseS1tYWdhLzIwMjIvMDkvMTcvaWQvMTA4Nzk2NS8iLG51bGwsW1s4LCJIZUxLczdPU1ZuUSJdLFs5LCJkZSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HeLKs7OSVnQ.es5.O/d=1/rs=AJlcJMwBLk6619v5WoRCnR3zCq7ycanAFg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b6dfd98a35abdb3d4d3dea08afcc976378bb9fb6d0aa4debe4db058e8eaccc10
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Po8UaPyfZ-TPpRUHMPhiEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Po8UaPyfZ-TPpRUHMPhiEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Sun, 25 Sep 2022 16:52:51 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 7C49 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=1936766640&t=pageview&_s=1&dl=https%3A%2F%2Faudio.beyondwords.io%2Fe%2F5141405&dr=https%3A%2F%2Fwww.newsmax.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YEAAAQAB~&cid=40903438.1664124771&tid=UA-97997734-2&_gid=697289260.1664124771&gtm=2ou9l0&z=354231283
Requested by
Host: audio.beyondwords.io
URL: https://audio.beyondwords.io/e/5141405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audio.beyondwords.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 20:07:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74724
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
hls-9711a0e9.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ Frame 7C49 		165 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/hls-9711a0e9.js
Requested by
Host: proxy.beyondwords.io
URL: https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/sdk-03607820.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c172dad51094a7b2d6ef406709ba7b3d58a395c89763e2b4883a842e3dcfcc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://audio.beyondwords.io/
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
454328
x-jsd-version
0.0.6-rc16
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
51365
x-served-by
cache-fra19177-FRA, cache-iad-kiad7000155-IAD
timing-allow-origin
*
access-control-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"2943d-dov8zqpny3IGvOXBSn6bp4YO7DM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEw6bvpQypXnFMC5RkukhDmJDaSogSku66ISF29jG4y6X0qXQOuNobFMgUP8iJRRPlWvqbcGXU0LC9%2FHoQp7Dm34OLcPeKugcrMudoSOLLt9JIzkCI7Njub2MnRd6ZBCSB8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 vegur
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
750545cbee4dbb8b-FRA
expires
Sun, 02 Oct 2022 16:52:51 GMT
React.min.css
amp.akamaized.net/players/9.1.9+premier/akamai/amp/react/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/react/React.min.css
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.9&_=1664124768915
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:dc::6853:538 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
757ad58c6b674c76006228159758edd7b77dd30ff9cd969f54ea94bbd2c31d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Feb 2022 17:34:30 GMT
Server
AkamaiNetStorage
ETag
"2cf88cf1f0392847dfe224b5796eec23:1645810470.598144"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
5377
React.min.js
amp.akamaized.net/players/9.1.9+premier/akamai/amp/react/ 		97 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/react/React.min.js
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.9&_=1664124768915
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:dc::6853:538 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
64e04671728c5e5887c139892fed16dd043c733c94628cc76be963389cae8952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Feb 2022 17:34:29 GMT
Server
AkamaiNetStorage
ETag
"a2a127cb7fdde70f17f22b101e324ada:1645810469.276342"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
18859
AGSKWxX5QuOoDPI6_5iYPxIY0uYxdxYoGaymyjdQYrj_dc9_tkaP7bsPkRXoBPLvzAOBzH0RXEsdg13ZCxlO1wnisM_5HxuycY-2Mfsw0D8aR1M5-3IZoPuysV60eCtCdcV-Ni__T9-X6Q==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX5QuOoDPI6_5iYPxIY0uYxdxYoGaymyjdQYrj_dc9_tkaP7bsPkRXoBPLvzAOBzH0RXEsdg13ZCxlO1wnisM_5HxuycY-2Mfsw0D8aR1M5-3IZoPuysV60eCtCdcV-Ni__T9-X6Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HeLKs7OSVnQ.es5.O/d=1/rs=AJlcJMwBLk6619v5WoRCnR3zCq7ycanAFg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UaopfB3P4uJyj7rtx_7_ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://www.newsmax.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-UaopfB3P4uJyj7rtx_7_ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
_commonjsHelpers-09543d7a.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ Frame 7C49 		499 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/_commonjsHelpers-09543d7a.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cd2c233f27a479e0b4edf3b28e6d92bacb174e2bc93adb6891848256df8502d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/hls-9711a0e9.js
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
454328
x-jsd-version
0.0.6-rc16
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
299
x-served-by
cache-fra19174-FRA, cache-iad-kiad7000130-IAD
timing-allow-origin
*
access-control-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1f3-QF1phVMtzcgh4phUi20rhLD6yHM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtL5agD%2BjeZNvHdWQ7v%2BBbvgLSOPmq9CS0Sq9h22XjIPLnD3cUz%2BoFjMZ4aXkbut0nvYFOtPNhOZ5GwYDcJzHkzOJWsYZ4ju4CNzHJAWgy%2FnUrokra19534tSmcMo8hH6Ak%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 vegur
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
750545cc2eb7bb8b-FRA
expires
Sun, 02 Oct 2022 16:52:51 GMT
events
metrics.beyondwords.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://metrics.beyondwords.io/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://audio.beyondwords.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Access-Control-Allow-Headers,Authorization,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
cf-cache-status
DYNAMIC
cf-ray
750545cc7f6dbb8b-FRA
content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 25 Sep 2022 16:52:51 GMT
server
cloudflare
events
metrics.beyondwords.io/ Frame 7C49 		0
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://metrics.beyondwords.io/events
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.19.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://audio.beyondwords.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
750545ccd838bb8b-FRA
access-control-allow-headers
Content-Type,Access-Control-Allow-Headers,Authorization,X-Requested-With
content-length
0
collect
www.google-analytics.com/ Frame 7C49 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=1936766640&t=event&_s=2&dl=https%3A%2F%2Faudio.beyondwords.io%2Fe%2F5141405&dr=https%3A%2F%2Fwww.newsmax.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=SpeechKit%20Player&ea=Load&el=TRUMP%3A%20%27THUGS%2C%20TYRANTS%27%20AWAKENED%20A%20%27SLEEPING%20GIANT%27%7Cnewsmax.com&_u=aEAAAQAB~&cid=40903438.1664124771&tid=UA-97997734-2&_gid=697289260.1664124771&gtm=2ou9l0&z=900237580
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audio.beyondwords.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 20:07:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74724
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
provider-fb899939.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ Frame 7C49 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/provider-fb899939.js
Requested by
Host: proxy.beyondwords.io
URL: https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/sdk-03607820.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8029ad5fce3ad8d2ed1fc1c933833cebd9ff95aa00eca0f062d9aefa8ef7d107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://audio.beyondwords.io/
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
454327
x-jsd-version
0.0.6-rc16
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1618
x-served-by
cache-fra19150-FRA, cache-iad-kiad7000151-IAD
timing-allow-origin
*
access-control-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"e40-KHTx8V6G3S61pVwdO0F835c2nyo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYfx8f3G8ws57%2FHZWptmIZ7izV8tdC0gDsP3yJ1Qv45S4ptU8Gg3YQb5vq9R%2BABV3zdfzIVqRSYufeIILG46yEI08hhhtczRUNxlynK9MIk%2FADpzHp79hfuwrv%2BO6%2BQe%2FUM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 vegur
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
750545cc6f4abb8b-FRA
expires
Sun, 02 Oct 2022 16:52:51 GMT
ui-v2-898ada89.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ Frame 7C49 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ui-v2-898ada89.js
Requested by
Host: proxy.beyondwords.io
URL: https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/sdk-03607820.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36d912aa32e54f106262e662f94ec237f079b136ae5a5f32e2ce14c288f35f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://audio.beyondwords.io/
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
454327
x-jsd-version
0.0.6-rc16
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
4789
x-served-by
cache-fra19161-FRA, cache-iad-kiad7000080-IAD
timing-allow-origin
*
access-control-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"3713-7N/BOFrpXEnW7n1vDh1s40bLsAM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWMLKtmhDPwU%2FZKE%2FFbcBJd01sQ6XJ1i2%2BgZZI5jYZhtykywxJ%2BVb5GYYGg230Nbd0FoSxeynckM0k6m7x%2BpWrycAOyrPzLWWLXgYNRdL%2FfOwlPDaucTRwk%2FYiXg5SmJ0XI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 vegur
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
750545cc6f4dbb8b-FRA
expires
Sun, 02 Oct 2022 16:52:51 GMT
default-app-f4526909.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ Frame 7C49 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/default-app-f4526909.js
Requested by
Host: proxy.beyondwords.io
URL: https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/sdk-03607820.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535a4d426da3073b60ad8ba99cdad68b05fecd9a3ea84c42460ff765afdd4a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://audio.beyondwords.io/
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
454327
x-jsd-version
0.0.6-rc16
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1142
x-served-by
cache-fra19180-FRA, cache-iad-kiad7000069-IAD
timing-allow-origin
*
access-control-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"812-w0N3x+gY2x1BzcVXSDKN5DWDWpU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FB7KmWte2Gq50FG8MxStC6dlNiaGYq5v3gDjxn3odEnBBtdJ2aVcdcITvnI1u5ZKhC5GEDliDouqXOPG2X1DdK7s9W2KMkqkx5kjlRxFXKAVyWmz16cBPKdAS3DvvaMPWk0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 vegur
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
750545cc6f50bb8b-FRA
expires
Sun, 02 Oct 2022 16:52:51 GMT
index-bd9af549.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ Frame 7C49 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/index-bd9af549.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
095d10dea91ef5152455a48e6a4005aebba2c570c37b7bab37ce5bbfbe693b4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/default-app-f4526909.js
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
454327
x-jsd-version
0.0.6-rc16
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2589
x-served-by
cache-fra19148-FRA, cache-iad-kiad7000143-IAD
timing-allow-origin
*
access-control-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1797-7FQHi/j/Tgs5firENrxCjCz0bfc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Hu%2FPWjiHpNFqqyAWTYYIGk2Qnj9dP743ZvrX2Xbw9HAxocT2y5V9fxg0eK58lMNKl90Ji8AMTKA1aApyed5xQCfpStDeHGvTFNtiOLGQaLWwnESufkFun8WVPJmmQV4Nns%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 vegur
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
750545ccafc5bb8b-FRA
expires
Sun, 02 Oct 2022 16:52:51 GMT
constants-13b88960.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ Frame 7C49 		36 B
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/constants-13b88960.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
216ab875fa885a14732c20391ec3e00200ea7dfd1cc15f5d9c599df3c13268d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/default-app-f4526909.js
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
454243
x-jsd-version
0.0.6-rc16
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
56
x-served-by
cache-fra19157-FRA, cache-iad-kiad7000168-IAD
timing-allow-origin
*
access-control-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"24-JpWTnCw4KZTYK/llYMqdNTBqLk4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zo59mCbV6YRxtWpPAEk6Xq3Zsk3cWO%2Fu3H9glBo586tUAzHTLIyPDC00r2z8Cor%2Fi6D98hz4xTHCR5Y8YP%2Beh%2FJ5Gok2jZ1OJXNeMvtE6Eyf01lwMRxIXsaUQJiZ6ixOORg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 vegur
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
750545ccafc6bb8b-FRA
expires
Sun, 02 Oct 2022 16:52:51 GMT
helpers-07d52736.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ Frame 7C49 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/helpers-07d52736.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c85e0b85afcd7c89b23adafe1e70845cdfa104a9a44e1f4899b76927172fcda0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/default-app-f4526909.js
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
454243
x-jsd-version
0.0.6-rc16
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1157
x-served-by
cache-fra19132-FRA, cache-iad-kiad7000036-IAD
timing-allow-origin
*
access-control-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"8ff-c37Nv14OW/jvpCaWmO8YzyXlGj0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SELERkGSEfqEVKC2OKTmDN2nSzGAtXHhw6y4XjsQ3TYQHx8MbeajkhhFBkAt2xZrPyO%2FtcXnG9Mpu3ZC8RCeVmpT7yH%2B%2Fjzfeg7LAUzPMorWeigYnXBeXC1u3EwLabugr7k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 vegur
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
750545ccafc7bb8b-FRA
expires
Sun, 02 Oct 2022 16:52:51 GMT
helpers-8af99612.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ Frame 7C49 		404 B
664 B 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/helpers-8af99612.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe41c6a5b98fa1a6c3f176661e1998e25f7426d3097b8cea5254409bc7176a30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ui-v2-898ada89.js
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
454327
x-jsd-version
0.0.6-rc16
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
291
x-served-by
cache-fra19149-FRA, cache-iad-kiad7000118-IAD
timing-allow-origin
*
access-control-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"194-DEsishYJ0bX1bAgJLs+BthyPNeU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvVAg%2Bpz59ndrgJNB1KBHxUMhi9feOG2mxXHcXKJhKr7xiDhdX3fEuspLm6mxgWBEwKjb7xoryKk%2F4rDuV83cPiU7zEtjPkDbOWMf6FD7qrPd8XWdVqBhXbm7oDPHPsvfmk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 vegur
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
750545ccafccbb8b-FRA
expires
Sun, 02 Oct 2022 16:52:51 GMT
status-16bc2203.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ Frame 7C49 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/status-16bc2203.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe606cc5fdf6135e40c7b9ad2138fa81d3fb6a5fa332007f29f1377b3c94063
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ui-v2-898ada89.js
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
454243
x-jsd-version
0.0.6-rc16
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1223
x-served-by
cache-fra19126-FRA, cache-iad-kiad7000085-IAD
timing-allow-origin
*
access-control-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"993-zNNW2xiXFEYzpBtQbjNgNYK3tZk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWT1wfe8EgsaodnVpcY2EUXQtx1ycVSC62vbEbcFvHmaeb4KpOgpn7GPUYxJ%2FC5s%2FYiju%2FghArApwLFkoF0di2mGbNv2PKLOVvkTZfKKwx11Ri1WRu8g1%2FvkqFChU5lKAnI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 vegur
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
750545ccafcfbb8b-FRA
expires
Sun, 02 Oct 2022 16:52:51 GMT
index-4da881eb.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ Frame 7C49 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/index-4da881eb.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22f7e3e08adf9cb1289dc5a96a107f086ddaab4fcb4e3a09a1ddc4a0f38ac9d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ui-v2-898ada89.js
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
454243
x-jsd-version
0.0.6-rc16
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3282
x-served-by
cache-fra19178-FRA, cache-iad-kiad7000146-IAD
timing-allow-origin
*
access-control-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1e81-3zwLWrDEajLylUFVw0jrx1lE6Iw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2dg1ZgZlFC%2B45cbKLWKBPDvx74XJiveWUVO97y8e7rFyBsAXI4FsaGTe5ZZgYmTKs2%2BmR%2FcctVP1BPUE%2BKVENmHnAq%2FwKvgdyfxlX9FwKuRQ4jLgR1ksQh3km4B%2BQqEj6N0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 vegur
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
750545ccafd2bb8b-FRA
expires
Sun, 02 Oct 2022 16:52:51 GMT
button-with-icon-5671ff7e.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ Frame 7C49 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/button-with-icon-5671ff7e.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
130781ade399ad93ebf0206597df48a05924bad1cfe8dd33c2ee059940b66cf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ui-v2-898ada89.js
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
454243
x-jsd-version
0.0.6-rc16
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1907
x-served-by
cache-fra19175-FRA, cache-iad-kiad7000080-IAD
timing-allow-origin
*
access-control-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"ed1-Yl0fsQZqQUO8F6JKf1l5UMJljX4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YQwEl6EzBARUEvQtF9r4KQHtXMNTw3DwuXp98Tz069u%2FTWRKVBT4cFkPUls5hH8IY%2F9GUMZR9i5%2B9PDBUKPNnOuM4yOhoK%2Bf104OxH75IoI5FFgcv9tEwnUlpnp6w%2BANPM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 vegur
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
750545ccafd4bb8b-FRA
expires
Sun, 02 Oct 2022 16:52:51 GMT
playV2-8fd1e43c.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ Frame 7C49 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/playV2-8fd1e43c.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8012966b8a4f19d12681d59aabafa32e1c7da3911235f19cda5fc555ef206e60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ui-v2-898ada89.js
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
454243
x-jsd-version
0.0.6-rc16
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
749
x-served-by
cache-fra19126-FRA, cache-iad-kiad7000169-IAD
timing-allow-origin
*
access-control-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"8f8-0kVc9AjyTN8aggZzqA8w3oRTrX8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTSPjc4sTTdk1%2FNy51q%2FN9vrZz2QRtUvx248H9fdpJ%2F%2FDBz1Z9Vq04S3%2Bw%2BKvLUFeukH1qOMphKInhTrd3Qom3Y4%2FIlLFjUP4SL32xX0reX2cQxWbJT0G2VfBzgzdprVZdc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 vegur
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
750545ccafd8bb8b-FRA
expires
Sun, 02 Oct 2022 16:52:51 GMT
link-ads-d313c018.js
proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ Frame 7C49 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/link-ads-d313c018.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf0166ff0311f716b559f386a8411a4b51e6e4b4102f1ecdd8b8eb460b4b86c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proxy.beyondwords.io/npm/@beyondwords/audio-player@0.0.6-rc16/dist/module/ui-v2-898ada89.js
Origin
https://audio.beyondwords.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
454243
x-jsd-version
0.0.6-rc16
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
942
x-served-by
cache-fra19127-FRA, cache-iad-kiad7000138-IAD
timing-allow-origin
*
access-control-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"7b1-EGPq2kO1PFygRyJ975dSdxpQ9oA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcEiq6klkCgOhZgQteYvOa1C5Me5wYyHu1ydLiH5sZwQU3IspVvO7I9qTA8FKj2s0HJXqnZXjRVniFnkJq%2BPxEOLH4EoHNh8HpWrUznGvB0%2FNfSP%2BdCS5UTBgDMLgzUUkhg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
via
1.1 vegur
access-control-expose-headers
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
750545ccafdabb8b-FRA
expires
Sun, 02 Oct 2022 16:52:51 GMT
fontawesome-webfont.woff
amp.akamaized.net/players/9.1.9+premier/akamai/amp/react/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/react/fontawesome-webfont.woff
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/react/React.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:dc::6853:538 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2a536619d5ea5e13d08259acd4e46d5e829f8e2e3935b0d9003b9b36d1589725

Request headers

Referer
https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/react/React.min.css
Origin
https://www.newsmax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:51 GMT
Last-Modified
Fri, 25 Feb 2022 17:34:30 GMT
Server
AkamaiNetStorage
ETag
"849abfea7388faeeb4edbc0b89288b85:1645810470.405378"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
font/woff
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
31156
api-errors
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Sun, 25 Sep 2022 16:52:51 GMT
x-envoy-upstream-service-time
1
Server
openresty
Connection
keep-alive
vary
Origin
api-errors
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.newsmax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Sun, 25 Sep 2022 16:52:51 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
1
amp.gif
amp.akamaized.net/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/amp.gif?prod=premier&prodver=9.1.9&platform=web&os=Windows&osver=10&browser=Chrome&browserver=105.0&url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&event=create&&lic=newsmax
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.9&_=1664124768915
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:dc::6853:538 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:51 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
hls.min.js
amp.akamaized.net/players/9.1.9+premier/akamai/amp/core/libs/ 		315 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/core/libs/hls.min.js
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.9&_=1664124768915
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:dc::6853:538 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0224fb2109bd94d1df164cfc48f776f5ed760fc77b2598c36f451b620a4d8606

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Feb 2022 17:34:48 GMT
Server
AkamaiNetStorage
ETag
"7bc73febf18b398a5e8b5cc3338b8ac0:1645810488.274151"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Access-Control-Allow-Credentials
false
bridge3.532.0_en.html
imasdk.googleapis.com/js/core/ Frame A25A 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23091133c2c9c43412cf7ee8e2471a7cba775e981334be7d13b0d78d9babc5a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
455689
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211807
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 10:18:02 GMT
expires
Wed, 20 Sep 2023 10:18:02 GMT
last-modified
Tue, 20 Sep 2022 10:12:09 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Sep 2022 16:52:51 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 8318 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-Goog-Request-Time
1664124771725
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ZE6BULZwwRw
X-YouTube-Client-Version
1.20220921.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgszaW5vQTdqNEVtZyjhjsKZBg%3D%3D
X-YouTube-Ad-Signals
dt=1664124769235&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C600%2C338&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 25 Sep 2022 16:52:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sun, 25 Sep 2022 16:52:51 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.newsmax.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Sep 2022 16:52:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.newsmax.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Sep 2022 16:52:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		463 KB
65 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2385598074188552&correlator=140907209603953&eid=31069762%2C31069829%2C31069354&output=ldjh&gdfp_req=1&vrg=2022092201&ptt=17&impl=fifs&iu_parts=6305169%2CNewsmax%2Cus&enc_prev_ius=%2F0%2F1%2F1%2F2%2C%2F0%2F1%2F1%2F2%2C%2F0%2F1%2F1%2F2%2C%2F0%2F1%2F1%2F2%2C%2F0%2F1%2F1%2F2%2C%2F0%2F1%2F1%2F2&prev_iu_szs=300x250%2C300x250%2C300x250%2C300x250%2C300x250%7C300x600%2C300x250&ifi=1&adks=2439417498%2C2497805954%2C2254959926%2C468623952%2C3180019426%2C3083452456&sfv=1-0-38&fsapi=false&prev_scp=pos%3DInArticle%26page_type%3Darticle%26refresh%3D45%26res%3Dboth%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cpos%3DInArticleMiddle%26page_type%3Darticle%26refresh%3D45%26res%3Dboth%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cpos%3DTopRight%26page_type%3Darticle%26refresh%3D45%26res%3Ddesktop%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cpos%3DMiddleRight%26page_type%3Darticle%26refresh%3D45%26res%3Ddesktop%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cpos%3DTallMiddleRight%26page_type%3Darticle%26refresh%3D45%26res%3Ddesktop%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cpos%3DBottomRight%26page_type%3Darticle%26refresh%3D45%26res%3Ddesktop%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=promo_code%3D1034014qqur4%26nmid%3D1087965%26nmtags%3Ddonald%252Ctrump%252Crally%252Cmaga%26PubYear%3D2022%26PubMonth%3D09%26signedup%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1664124772023&lmt=1664124772&dlt=1664124768743&idt=758&adxs=480%2C480%2C960%2C960%2C960%2C960&adys=1571%2C2839%2C757%2C1063%2C2318%2C2338&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C0%7C0%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&frm=20&vis=1&psz=300x0%7C300x0%7C300x0%7C300x0%7C300x0%7C300x0&msz=300x0%7C300x0%7C300x0%7C300x0%7C300x0%7C300x0&fws=4%2C4%2C4%2C4%2C4%2C4&ohw=300%2C300%2C300%2C300%2C300%2C300&ga_vid=1883331922.1664124769&ga_sid=1664124772&ga_hid=915411207&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9aa1067c5719c299768661cb171ae512bf6fb17ab3f535e1557f1dd0830e7a1d
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/GpaGenericImage_SingleImg_NameTag_ImageFit_300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/GpaGenericImage_SingleImg_NameTag_ImageFit_300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COKUou-zsPoCFWgHewod0AsAvQ&gqi=&layout=/pagead/gadgets/gpa_generic_image/GpaGenericImage_SingleImg_NameTag_ImageFit_300x250.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COeUou-zsPoCFWgHewod0AsAvQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/12584458653358096384/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COWUou-zsPoCFWgHewod0AsAvQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/12584458653358096384/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/GpaGenericImage_SingleImg_NameTag_ImageFit_300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/GpaGenericImage_SingleImg_NameTag_ImageFit_300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COKUou-zsPoCFWgHewod0AsAvQ&gqi=&layout=/pagead/gadgets/gpa_generic_image/GpaGenericImage_SingleImg_NameTag_ImageFit_300x250.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COeUou-zsPoCFWgHewod0AsAvQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/12584458653358096384/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COWUou-zsPoCFWgHewod0AsAvQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/12584458653358096384/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1,-1,-1,-1,-1,-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66409
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
date
Sun, 25 Sep 2022 16:52:52 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.newsmax.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D433 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Sep 2022 16:52:52 GMT
expires
Mon, 25 Sep 2023 16:52:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:52 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Sep 2022 16:52:52 GMT
amp.gif
amp.akamaized.net/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/amp.gif?prod=premier&prodver=9.1.9&platform=web&os=Windows&osver=10&browser=Chrome&browserver=105.0&url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&event=start&&lic=newsmax
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.9&_=1664124768915
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:dc::6853:538 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:52 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
9.gif
ma1540-r.analytics.edgekey.net/ 		10 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ma1540-r.analytics.edgekey.net/9.gif?a=I~b=b38bfa202e63631098~c=0c22b406-d0eb-4a71-bed2-20d2a86d25d1~d=23747c94-c402-4a72-9808-b445ff8d5084~e=0~g=0~w=3~ag=www.newsmax.com~ah=-~al=Windows~at=Chrome%20105~ax=O~ay=CoreLibrary-4.20.28:JSLoader-1.6.8~cm=~dx=0.003~en=Newsmax%20TV%20Live~os=Windows-10~pd=Newsmax.com%20-%20AMP%20v9.1.9+premier~sa=Desktop~tt=Newsmax%20TV%20Live~ai=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/105.0.5195.125%20Safari/537.36~az=1.0~pr=-~pu=https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Requested by
Host: 79423.analytics.edgekey.net
URL: https://79423.analytics.edgekey.net/ma_library/javascript/javascript_malibrary.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10e:29e::aa5 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:52 GMT
Server
AkamaiNetStorage
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10
Expires
Sun, 25 Sep 2022 16:52:52 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame A25A 		17 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F6305169%2FNewsmax%2FVideo%2Flivestream&description_url=http%3A%2F%2Fwww.newsmax.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&vpos=preroll&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=923037976497361&sdkv=h.3.532.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1901460915&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.532.0&sid=82BF6EBD-4EA0-440F-948E-9BB2FC1D2D73&nel=0&eid=44748969%2C44752657%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&dlt=1664124768743&idt=3041&dt=1664124772211&cookie_enabled=1&scor=159900888210395&ged=ve4_td3_tt0_pd3_la3000_er328.971.481.1271_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
edec56f1b9bf23561d3cc40e0b459a6a363e5e1f59ef50921100a84b0df52efd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3563
x-xss-protection
0
google-lineitem-id
6085066446
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
138400871492
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:52 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Sep 2022 16:52:52 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame A25A 		156 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F8570%2C6305169%2Fnewsmaxmedia%2Fnewsmax-14379-video-ads-desktop&description_url=http%3A%2F%2Fnewsmax.com&tfcd=0&npa=0&sz=324x184%7C400x300%7C444x250%7C600x252%7C640x360%7C640x480&min_ad_duration=5000&max_ad_duration=64000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=923037976497361&sdkv=h.3.532.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1901460915&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.532.0&sid=82BF6EBD-4EA0-440F-948E-9BB2FC1D2D73&nel=0&eid=44748969%2C44752657%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&dlt=1664124768743&idt=3041&dt=1664124772506&cookie_enabled=1&scor=159900888210395&fbidx=-1&ged=ve4_td4_tt1_pd4_la4000_er328.971.481.1271_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.newsmax.com%2F&domain=www.newsmax.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.newsmax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 25 Sep 2022 16:52:52 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
542754
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.newsmax.com%2F&domain=www.newsmax.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=ip7xVnxkbTlHRzFHVjRXWnQ1TWZoUHNieVlnbWVBUkFVL3hPT0VCU3B4WHdkeVQ3US9LMGptVFhUTzBVK0t1dklERFRLL3dnbGRKK0tzYlhac212Nko0cXJnMTR2TWpoMDVudlY5SEN2T3lCUllBem5tUVZOMDVreEZUWT...
364 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ip7xVnxkbTlHRzFHVjRXWnQ1TWZoUHNieVlnbWVBUkFVL3hPT0VCU3B4WHdkeVQ3US9LMGptVFhUTzBVK0t1dklERFRLL3dnbGRKK0tzYlhac212Nko0cXJnMTR2TWpoMDVudlY5SEN2T3lCUllBem5tUVZOMDVreEZUWThpa0xqVFAwL0J0MlVjakNldXV3ZzM1ZFI4ai9YN0ZMRlVkeU5PZXBnTEZtUHppc1QwQ1NTcnB4c1pUU1hMOWx0YnZlZEdlVTFaVkQ1OHpIa29uRHAza21yZ0JWRkMyU2VBTVRYQ2tGbzNZNElEZEVqV01wUVMvbHFwcEVldTFVUjFrYzRUMlg4fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cbdb4bc41004f97c6c9fa44c345648c0af599f2b5930abeb51c5be29d9c128ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:52 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1009511
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:52 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=ip7xVnxkbTlHRzFHVjRXWnQ1TWZoUHNieVlnbWVBUkFVL3hPT0VCU3B4WHdkeVQ3US9LMGptVFhUTzBVK0t1dklERFRLL3dnbGRKK0tzYlhac212Nko0cXJnMTR2TWpoMDVudlY5SEN2T3lCUllBem5tUVZOMDVreEZUWThpa0xqVFAwL0J0MlVjakNldXV3ZzM1ZFI4ai9YN0ZMRlVkeU5PZXBnTEZtUHppc1QwQ1NTcnB4c1pUU1hMOWx0YnZlZEdlVTFaVkQ1OHpIa29uRHAza21yZ0JWRkMyU2VBTVRYQ2tGbzNZNElEZEVqV01wUVMvbHFwcEVldTFVUjFrYzRUMlg4fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
656650
content-length
0
expires
0
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		63 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
cb9bc10b6366f9d1b1b9dc866c19e6dea87af407c8902fc3ddb9b632e370a2b9

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:52 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache
x-server
10.45.10.241
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		63 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
10197f94d9817fdfd829db9b169f148e26304252f03761476d0c859b2a2d9945

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Sep 2022 16:52:52 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsmax.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 25 Oct 2022 16:52:52 GMT
nr-1216.min.js
js-agent.newrelic.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id
PT1X3XEF2KF64GRE
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
rWr2JWGo0/hJJpCkOl46Jludz4/khIecVhbiRQQ0qpVwJVN5XkS3fA4iIlbnsr7DzvXsY648nRw=
x-served-by
cache-hhn4072-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1664124773.764995,VS0,VE0
date
Sun, 25 Sep 2022 16:52:52 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3513
SMS.png
www.newsmax.com/App_Themes/Newsmax/images/articlePage/ 		485 B
756 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsmax.com/App_Themes/Newsmax/images/articlePage/SMS.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
2a9f2b577571b539600643e3cd96e058e33aa48a47ed4afb6ae4f6989eb8c17a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:52 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
"fae4141165a0d81:0"
x-serial
405
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=383395
last-modified
Mon, 22 Aug 2022 14:56:31 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
485
expires
Fri, 30 Sep 2022 03:22:47 GMT
Email.png
www.newsmax.com/App_Themes/Newsmax/images/articlePage/ 		259 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsmax.com/App_Themes/Newsmax/images/articlePage/Email.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:679c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7aaec8aac258488f936c7593200c31a39da99c6a77e0e2bce90d12941a35813f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Sun, 25 Sep 2022 16:52:52 GMT
last-modified
Thu, 20 Jan 2022 15:39:32 GMT
server
Akamai Image Manager
etag
"011fc22537dd51:0"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=474746
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
259
expires
Sat, 01 Oct 2022 04:45:18 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af8cd4278b9717229c97e35d39e6387833877d6c35101b01745abc123289c463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Sep 2022 16:52:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11132
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 06C7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.newsmax.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 25 Sep 2022 16:52:51 GMT
server
Kestrel
server-processing-duration-in-ticks
955633
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
IP
ipapi.optiryte.com/api/ 		2 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipapi.optiryte.com/api/IP?Token=IPKXYRTFKT
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
216.238.156.11 Jacksonville, United States, ASN19844 (SBA-EDGE-JAX, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:52 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Headers
Content-Type
Content-Length
122
Expires
-1
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=915411207&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&ul=en-us&de=UTF-8&dt=Trump%3A%20%27Thugs%2C%20Tyrants%27%20Awakened%20a%20%27Sleeping%20Giant%27%20%7C%20Newsmax.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20article%20milestone&ea=undefined&_u=aGDAAEABAAAAAG~&jid=767769742&gjid=1590700808&cid=1883331922.1664124769&tid=UA-31221-1&_gid=1161030251.1664124769&_r=1&gtm=2wg9l0WL644C&z=675459609
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame A25A 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/gif
index.m3u8
nmxlive.akamaized.net/hls/live/529965/Live_1/ 		828 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nmxlive.akamaized.net/hls/live/529965/Live_1/index.m3u8?CMCD=cid%3D%22newsmaxlive%22%2Cmtp%3D500%2Cot%3Dm%2Csf%3Dh%2Csid%3D%22b9685d55-22df-4eda-a01c-df02bf348fd7%22%2Csu
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.103.72.203 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-103-72-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
82aacaa36fe3eea0f8da1687cc73a6d915e26f8fd971b375496376118b3752f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Akamai-Live-Origin-QoS
d=7000;t=1663811445.353
Akamai-Path-Timestamp
i=1663332033.302;xi=1663332033.306;xo=1663811446.057;s=1663811446.061;
Akamai-Mon-Iucid-Ing
529965
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
358
Pragma
no-cache
Akamai-Mon-Iucid-Del
1209750
Last-Modified
Thu, 22 Sep 2022 01:50:45 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sun, 25 Sep 2022 16:52:53 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=915411207&t=event&_s=2&dl=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&ul=en-us&de=UTF-8&dt=Trump%3A%20%27Thugs%2C%20Tyrants%27%20Awakened%20a%20%27Sleeping%20Giant%27%20%7C%20Newsmax.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=videoStart&_u=aGDAAEABAAAAAG~&jid=&gjid=&cid=1883331922.1664124769&tid=UA-31221-56&_gid=1161030251.1664124769&cm1=0&cd1=Newsmax%20TV%20Live&z=1789089055
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 20:07:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74725
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/live/interaction/ Frame A25A 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/live/interaction/?ai=Bb3NJZIcwY6zdE5-smLAPg_aqsAj8k9ejRgAAABABIOGr_Ck4AVjE6NbKgwRglYKAgLAHsgEPd3d3Lm5ld3NtYXguY29tugELNjQweDQ4MF94bWzIAQXaAUlodHRwczovL3d3dy5uZXdzbWF4LmNvbS91cy9kb25hbGQtdHJ1bXAtcmFsbHktbWFnYS8yMDIyLzA5LzE3L2lkLzEwODc5NjUvwAIC4AIA6gIhLzYzMDUxNjkvTmV3c21heC9WaWRlby9saXZlc3RyZWFt-ALw0R6QA8gGmAPgA6gDAdAEkE7gBAHSBQYQzv3K1RaQBgGgBiSoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAOAHAdIIEQiA4YBwEAEYHTIC6wI6AoBA2AgCgAoFmAsBgAwB0BUB-BYBgBcB&sigh=Mcwt-_9V81o&label=videoplayfailed303
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:52 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aee2091659
bam.nr-data.net/1/ 		49 B
611 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/aee2091659?a=607472037&v=1216.487a282&to=NgRSYxQAVxECUExZXA9OcWQ2TloPEENZV1YSTkBYFBVYDhdWVUBfABVVGQcSSRo%3D&rst=4893&ck=1&ref=https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/&ap=105&be=982&fe=4802&dc=1997&perf=%7B%22timing%22:%7B%22of%22:1664124767897,%22n%22:0,%22f%22:255,%22dn%22:257,%22dne%22:347,%22c%22:347,%22s%22:368,%22ce%22:411,%22rq%22:412,%22rp%22:838,%22rpe%22:849,%22dl%22:846,%22di%22:1968,%22ds%22:1997,%22de%22:2014,%22dc%22:4801,%22l%22:4801,%22le%22:4816%7D,%22navigation%22:%7B%7D%7D&fp=1048&fcp=1048&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:53 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
750545d66e6d9a17-FRA
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 05:47:41 GMT
content-encoding
gzip
age
990311
x-guploader-uploadid
ADPycdvqYWr4XlcgogWQv1CUKqMPpl5vfnpXVcXgwGPC8Zdt9c3EaH1AN9TP9qap5Fs6TeD5UJ3zYNvH-rbYbZWiqGonRQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation
1622140251693895
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 14 Sep 2023 05:47:41 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-31221-1&cid=1883331922.1664124769&jid=767769742&gjid=1590700808&_gid=1161030251.1664124769&_u=aGDAAEABAAAAAG~&z=16599016
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 25 Sep 2022 16:52:52 GMT
content-type
text/plain
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012209072154000/ Frame 943E 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
517436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61518
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b9e6b1d3ca7cc68d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:56 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 943E 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
517436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5208
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"dcaf3864e0ab6b08"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:56 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 943E 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
517436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28888
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"95b4b320f7966d1a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:56 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 943E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
517436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1908
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5561dff7c028bd87"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:56 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 943E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
517436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12958
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"00747b471d2f1a24"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:56 GMT
css
fonts.googleapis.com/ Frame 943E 		4 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 25 Sep 2022 15:59:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 25 Sep 2022 16:52:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Sep 2022 16:52:52 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 943E 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 09:48:38 GMT
x-content-type-options
nosniff
server
cafe
age
25454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 26 Sep 2022 09:48:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 943E 		295 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 07:50:56 GMT
x-content-type-options
nosniff
server
cafe
age
32516
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 26 Sep 2022 07:50:56 GMT
l
www.google.com/ads/measurement/ Frame 943E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQEkt8zX7k3AhOMyuLvia2c9Ukes9R6kYoQVdw-162QiS3Jd7xx7A48ptqzvJCaJ_yw2az
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 943E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C6KvdZIcwY-TSC-iO7APQl4DoC4XNsLlsrYXEia0QiKy24d0yEAEgweXaIWCVgoCAsAegAZCI6McDyAEJqQJ2TgI2yECwPuACAKgDAcgDCqoEygJP0GDF6fnFmYGQTDPJZANvx82Jq1mO5PffDRAWFNJdNiuEfsPenCjN6QbF3PfApLwwPd2bqTVW947S9uBYf842CjFJIgDQazXZt_G-mY3lk-q-1AU4v5XHibY0YY-hRZ0XHjf3pE0tKQ4dfISyFopCMb-GgKnji47w34skDSS8QqD5fVu1sxATeTizvueDVjPZX8F1X8_LuDRbNDdLcZYmOf3kMjMPMobctLaCA34Wa6JXIHtI8JCu8w57CkrI86UlMpOMpb2QSlEshr-h7enEF-LmtULBi5w-r59x7GhzpigOONCmbPw1jkav43EgoiO6G0VIrIX9g9VzOesU90iGm9yFLs__dJ80BfbV0STb1Yf21q9CKWohuGAROB2MgnWNruJ0PQYKjRHw38xOpbArz80QvflE8gGz-V9RmQZHs13aXeGHvv0_a4bABNr32pf7A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfY95c4qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQq4ke0ggRCIDhgHAQARgdMgLrAjoCgECACgPICwHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDg1MjM0ODgyMzczNTIxMhjR4hA&sigh=9ICvL0sRUSQ&uach_m=[UACH]&template_id=5000
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
container.html
10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6495 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Sep 2022 16:52:52 GMT
expires
Mon, 25 Sep 2023 16:52:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/15613313154326139681/ Frame 943E 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15613313154326139681/downsize_200k_v1?w=400&h=209
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c08c3ef96306e2c159d7bf36d0180a90db79c97bb9905c0ba5e9a67f4477d77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 17:38:42 GMT
x-content-type-options
nosniff
age
602050
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15304
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 04:46:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 18 Sep 2023 17:38:42 GMT
truncated
/ Frame 943E 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 943E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fcbd0a3ed071e8d2e2e880e8b73cd9e2560fd6fc54837804b86532393fac3246

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ip7xVnxkbTlHRzFHVjRXWnQ1TWZoUHNieVlnbWVBUkFVL3hPT0VCU3B4WHdkeVQ3US9LMGptVFhUTzBVK0t1dklERFRLL3dnbGRKK0tzYlhac212Nko0cXJnMTR2TWpoMDVudlY5SEN2T3lCUllBem5tUVZOMDVreEZUWThpa0xqVFAwL0J0MlVjakNldXV3ZzM1ZFI4ai9YN0ZMRlVkeU5PZXBnTEZtUHppc1QwQ1NTcnB4c1pUU1hMOWx0YnZlZEdlVTFaVkQ1OHpIa29uRHAza21yZ0JWRkMyU2VBTVRYQ2tGbzNZNElEZEVqV01wUVMvbHFwcEVldTFVUjFrYzRUMlg4fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 25 Sep 2022 16:52:52 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
403388
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 06C7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=newsmax.com&sn=ChromeSyncframe&so=0&topUrl=www.newsmax.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=PJa7cXw0dU4rS0JjT1ZmZDROZUgxd2MySW5WaUdoOGRncWJ3MEloRHFMaUo0WmZZN2RDYTZnRjNBQjhsU0VvUXVxVEFVTFcrdnlaNitBaEZTM2ZpOWpjVnFBajRZeXFkeGcrZm5tT0dkLy9KMmU0VHZBYXloVWNpcjZpcG...
419 B
645 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=PJa7cXw0dU4rS0JjT1ZmZDROZUgxd2MySW5WaUdoOGRncWJ3MEloRHFMaUo0WmZZN2RDYTZnRjNBQjhsU0VvUXVxVEFVTFcrdnlaNitBaEZTM2ZpOWpjVnFBajRZeXFkeGcrZm5tT0dkLy9KMmU0VHZBYXloVWNpcjZpcG43L1FiQjdxeGQ4VG9NbUZFclB5NmQ5aXl0RHdBMUppY1JQYVZyMFpvRkJLWGdsZW91dUcwajFPdDdTYkJLdTNvb01BVDVuM1pBd3B5akY2dDdtZ1B5aTE2WDNGd2lLbDdqNDMya1puWjNjSHltWm5jbVp6RUtGbk1LYWtTL1FPTEU3eTVZYm9VVUs3eEZnUTFBSUlpSjg0N1JoNm1Ldz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e61765a17b8fbd58a6c2cb2bc3807751e762e5dfc8dcff3bc5d1614f15757bb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:52 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3191954
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:52 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=PJa7cXw0dU4rS0JjT1ZmZDROZUgxd2MySW5WaUdoOGRncWJ3MEloRHFMaUo0WmZZN2RDYTZnRjNBQjhsU0VvUXVxVEFVTFcrdnlaNitBaEZTM2ZpOWpjVnFBajRZeXFkeGcrZm5tT0dkLy9KMmU0VHZBYXloVWNpcjZpcG43L1FiQjdxeGQ4VG9NbUZFclB5NmQ5aXl0RHdBMUppY1JQYVZyMFpvRkJLWGdsZW91dUcwajFPdDdTYkJLdTNvb01BVDVuM1pBd3B5akY2dDdtZ1B5aTE2WDNGd2lLbDdqNDMya1puWjNjSHltWm5jbVp6RUtGbk1LYWtTL1FPTEU3eTVZYm9VVUs3eEZnUTFBSUlpSjg0N1JoNm1Ldz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
762699
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 25 Sep 2022 16:52:52 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-31221-1&cid=1883331922.1664124769&jid=767769742&_u=aGDAAEABAAAAAG~&z=1299679782
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-31221-1&cid=1883331922.1664124769&jid=767769742&_u=aGDAAEABAAAAAG~&z=1299679782
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
results.txt
3fznue5ydezdgyzqq5sq-peupts-f81876dd1-clientnsv4-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=peupts8g5
  • https://3fznue5ydezdgyzqq5sq-peupts-f81876dd1-clientnsv4-s.akamaihd.net/eum/results.txt
8 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://3fznue5ydezdgyzqq5sq-peupts-f81876dd1-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
184.25.50.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-25-50-51.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:53 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://3fznue5ydezdgyzqq5sq-peupts-f81876dd1-clientnsv4-s.akamaihd.net/eum/results.txt
Date
Sun, 25 Sep 2022 16:52:53 GMT
Server
AkamaiGHost
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
results.txt
eaarwyaaaibeakqce3ydkaaaczrtbb3f-peupts-27a414a5b-clienttons-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=peupts8g5
  • https://eaarwyaaaibeakqce3ydkaaaczrtbb3f-peupts-27a414a5b-clienttons-s.akamaihd.net/eum/results.txt
8 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eaarwyaaaibeakqce3ydkaaaczrtbb3f-peupts-27a414a5b-clienttons-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:53 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://eaarwyaaaibeakqce3ydkaaaczrtbb3f-peupts-27a414a5b-clienttons-s.akamaihd.net/eum/results.txt
Date
Sun, 25 Sep 2022 16:52:53 GMT
Server
AkamaiGHost
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/ Frame 7DC0 		168 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/index.html
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae2a98cd5d5d8ef799bc29a6d713fb7be4286f61a1aa7bc787c8beaaafa1e79
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
368950
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
34361
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 10:23:43 GMT
expires
Thu, 21 Sep 2023 10:23:43 GMT
last-modified
Wed, 21 Sep 2022 09:52:18 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 6495 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CeM2RZIcwY-XSC-iO7APQl4DoC7eQ07Ns5pzz-p8Q24GGwa0yEAEgweXaIWCVgoCAsAegAZXo_6wCyAEJqQJ2TgI2yECwPuACAKgDAaoEywJP0GDA2RmfW1t5pjd59qoZofFOWUD5DoBnsMWpoQ1Bkjg7lHAJdGkQw3ITryhHixOJpEkENidFkJYWM06stum20FI8eEqB_YiKKOWAkvKnoG9fHQHEb02nHYQv59Fd-QUMtDDnR3DcwXUuBgPYM-pUo5ELVN_9KKutmA8qWZK7Z2pj49N6kiTpLgnuOIvKC1FsI9ha8XIY_zOHXjSWNLqTLHL3sbKlQYA6UEn7DcFfPWo-kIAGiLJWyyhhZq4aZnMd7K54ia2voQW-QF_H107S7pQSmn9FZe_9K0D69GxfVJcGUwGW1ygJhpxFGPb6kyangcRC4_-0-z6rJALwgU8i5wLd7GjIo7yTyrcz-MfhDSV9dsZhVpT-ra5cs2jpPQyHAdV09s878V1MAsupUCWWSnTeSEV9L-_RQT0i6EwtSJMxlolSwSlzJp3QwASVtMPjiQTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGa4AH05eA0wGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQjbgi0ggRCIDhgHAQARgdMgLrAjoCgECACgPICwGYDJa4qIqAA8ITBhiV6P-sAtgTDogUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi00ODUyMzQ4ODIzNzM1MjEyGNHiEA&sigh=pHZq1Z3SJUk&uach_m=[UACH]&template_id=531
Requested by
Host: www.newsmax.com
URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9F5B 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
URL: https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
949
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 25 Sep 2022 16:37:03 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 6495 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
URL: https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:25:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1670
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 09 Oct 2022 16:25:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 6495 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
URL: https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
713
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 09 Oct 2022 16:41:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 943E 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsmax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 20:10:25 GMT
x-content-type-options
nosniff
age
333747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 20:10:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 943E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsmax.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 08:01:51 GMT
x-content-type-options
nosniff
age
291061
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 08:01:51 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&rid=esp&cc=1
85 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&rid=esp&cc=1
Protocol
H3
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
32e00962cfd34e078948b07cee9f43a7176fdc2acc8df0e81926c2359ae0b689

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:53 GMT
via
1.1 google
etag
W/"55-i3HHKaVmzpzKsXm20+DI4CWg+JQ"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsmax.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sun, 25 Sep 2022 16:52:53 GMT
via
1.1 google
access-control-allow-origin
https://www.newsmax.com
x-powered-by
Express
vary
Origin
location
/esp?url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D151 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4165
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Sep 2022 15:43:28 GMT
expires
Mon, 25 Sep 2023 15:43:28 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D025 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c501541554a9ee183ce8b26b610031b03b1ca5282a807d636527b92d42a4f393
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PWu-yvOd37x5C2BPjfYiaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-PWu-yvOd37x5C2BPjfYiaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 25 Sep 2022 16:52:53 GMT
expires
Sun, 25 Sep 2022 16:52:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
index_216.m3u8
nmxlive.akamaized.net/hls/live/529965/Live_1/ 		720 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nmxlive.akamaized.net/hls/live/529965/Live_1/index_216.m3u8?CMCD=cid%3D%22newsmaxlive%22%2Cmtp%3D500%2Cot%3Dm%2Csf%3Dh%2Csid%3D%22b9685d55-22df-4eda-a01c-df02bf348fd7%22%2Csu
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.103.72.203 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-103-72-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
07e8ed6d8e42822430361190b95fbc0a91620258b499041efe94578ead944eb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Akamai-Live-Origin-QoS
d=7000;t=1664124764.747
Akamai-Path-Timestamp
i=1664124764.744;xi=1664124764.751;xo=1664124765.045;s=1664124765.261;
Akamai-Mon-Iucid-Ing
529965
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
170
Pragma
no-cache
Akamai-Mon-Iucid-Del
1209750
Last-Modified
Sun, 25 Sep 2022 16:52:44 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sun, 25 Sep 2022 16:52:53 GMT
index_cc.m3u8
nmxlive.akamaized.net/hls/live/529965/Live_1/ 		710 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nmxlive.akamaized.net/hls/live/529965/Live_1/index_cc.m3u8?CMCD=cid%3D%22newsmaxlive%22%2Cmtp%3D500%2Cot%3Dm%2Csf%3Dh%2Csid%3D%22b9685d55-22df-4eda-a01c-df02bf348fd7%22%2Csu
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.103.72.203 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-103-72-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53c98c58cb94c28d139be3e9cf2213247e3e61ba4e83f59d7911155bd764775a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Akamai-Live-Origin-QoS
d=7000;t=1664124770.751
Akamai-Path-Timestamp
i=1664124770.749;xi=1664124770.755;xo=1664124771.202;s=1664124771.205;
Akamai-Mon-Iucid-Ing
529965
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
171
Pragma
no-cache
Akamai-Mon-Iucid-Del
1209750
Last-Modified
Sun, 25 Sep 2022 16:52:50 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sun, 25 Sep 2022 16:52:53 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7DC0 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 07:40:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33120
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 26 Sep 2022 07:40:53 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7DC0 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aafb3ee79dc18d6ddc6b5c5503dc051c6e89d25a801b243cd4310ce7e0eac5ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 04:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43229
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13218
x-xss-protection
0
server
cafe
etag
5545325275904357113
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 26 Sep 2022 04:52:24 GMT
css
fonts.googleapis.com/ Frame 7DC0 		1003 B
420 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:regular
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f93eabed9db1894c7c76ceaaa899450f82a3f9e4a003b1753985ad35b2e86ce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 25 Sep 2022 16:20:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 25 Sep 2022 16:52:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Sep 2022 16:52:53 GMT
l
www.google.com/ads/measurement/ Frame 6495 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSA8sHY5p-NB28CvevZjX3MKd_xU53VzN2qqVBO2wjuj2nwXJWs2mlEInWqczdUuo5PsqcT
Requested by
Host: 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
URL: https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
truncated
/ Frame 6495 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbee566520ab716ccb3e3b219132886ca0d640afe3772a15bbbf7ef7a014f594

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9F5B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
URL: https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Sep 2022 16:52:53 GMT
expires
Sun, 25 Sep 2022 16:52:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Sep 2022 16:52:53 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame D025 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092201&jk=2385598074188552&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
pagead2.googlesyndication.com/bg/ Frame D151 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 10:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15943
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Sep 2023 10:58:39 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 7DC0 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 19:25:00 GMT
x-content-type-options
nosniff
age
336473
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 19:25:00 GMT
index_216_01991.ts
nmxlive.akamaized.net/hls/live/529965/Live_1/20220916T084006/index_216/00065/ 		446 KB
447 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nmxlive.akamaized.net/hls/live/529965/Live_1/20220916T084006/index_216/00065/index_216_01991.ts?CMCD=br%3D590%2Ccid%3D%22newsmaxlive%22%2Cd%3D6000%2Cmtp%3D500%2Cot%3Dav%2Csf%3Dh%2Csid%3D%22b9685d55-22df-4eda-a01c-df02bf348fd7%22%2Csu%2Ctb%3D590
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.103.72.203 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-103-72-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
82fe05fc77d0f02c9637a4fcfa5d66c9e15dd7e84dbcdef250a9dd91ad055a81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:53 GMT
X-Akamai-Live-Origin-QoS
d=7000;t=1664124746.703
Akamai-Path-Timestamp
i=1664124746.701;xi=1664124746.709;xo=1664124747.938;s=1664124747.948;
Akamai-Mon-Iucid-Ing
529965
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
457028
Pragma
no-cache
Akamai-Mon-Iucid-Del
1209750
Last-Modified
Sun, 25 Sep 2022 16:52:26 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31535971
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Mon, 25 Sep 2023 16:52:24 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 7DC0 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSoqK5xQ-xqQcIAnlYCm2RPXxj0cOumCzEPPqmwxSShoMKwl1GuHEoi3qj--40&usqp=CAI
Requested by
Host: 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
URL: https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6761a2a57e8b3e044cf26b1513291ca691dab6679913aadad03b36492533d382
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 14:04:43 GMT
x-content-type-options
nosniff
age
355690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17506
x-xss-protection
0
last-modified
Fri, 06 May 2016 04:07:42 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 21 Sep 2023 14:04:43 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 7DC0 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTiNSqnh8TvL-FQiXfa1CxXsERuLq27FWW8AM32dy6HytbYsZ6Br6VLgG1vBA&usqp=CAI
Requested by
Host: 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
URL: https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9be876fe63884efe9e4c2f3a0811823845c61f31ee14e012ec4529c11360c623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 21 Jan 2019 23:03:22 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20351
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 25 Sep 2023 16:52:53 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 7DC0 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRdpnA-MztrWG-ZruCOevKPT9lT3DQpYXmtN1CXuxBwVUDAze_heCVUcsGR2-s&usqp=CAI
Requested by
Host: 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
URL: https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e28d361522da36d93bae9cb3d54c96027213cf23fc93c6a9b1613cad8846a9e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 02:10:40 GMT
x-content-type-options
nosniff
age
312133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12352
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 22:39:57 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 22 Sep 2023 02:10:40 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 7DC0 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQZ_Y3KS7Oxp_25-uzwSD2O8Z6rQBin6VVkd_dSdynLM98ccKlVvtzP49oT0Q&usqp=CAI
Requested by
Host: 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
URL: https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
042e02b2727e7c97a463361c322a8c85143ccdcdc62025c618b1790c3a7f3a14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:50:32 GMT
x-content-type-options
nosniff
age
370941
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15465
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 23:23:00 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 21 Sep 2023 09:50:32 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 7DC0 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRzEeGYZL2oA49xat0a5GZIEPGHpV_xxYWCr2TlrDMvnXmtaruxifYTJxIB5No&usqp=CAI
Requested by
Host: 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
URL: https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
060cde88720645d0405c137b4511a6e7b72460f154a7484db6b52f7569e3db84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 Apr 2017 06:33:21 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27841
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 25 Sep 2023 16:52:53 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 7DC0 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTVquEu1EnhlqBv4w6fOP0qm8uN_hYa7VN1MwuEkNBrOq0dEUd9OwjZ47aCwg&usqp=CAI
Requested by
Host: 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
URL: https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53db8744f964bd8338726486cd2c63a5e5a14af83d9e5553b35ec69fcc184ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 05:46:14 GMT
x-content-type-options
nosniff
age
126399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12984
x-xss-protection
0
last-modified
Wed, 23 Jan 2019 23:02:50 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 24 Sep 2023 05:46:14 GMT
sample-logo-transp_2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/ Frame 7DC0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/sample-logo-transp_2.svg
Requested by
Host: 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
URL: https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
927d2d0580e7860e0c91d4388b4d8b286344294b8f517fda6d3f9792d5048a41
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
368949
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1045
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 09:52:18 GMT
server
sffe
date
Wed, 21 Sep 2022 10:23:44 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Sep 2023 10:23:44 GMT
H.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/ Frame 7DC0 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/H.jpg
Requested by
Host: 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
URL: https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41942ecaeced47f7b84d0620385f3f4f23ff0051b5661c3d8d7e7dcfc789775b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
368949
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35481
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 09:52:18 GMT
server
sffe
date
Wed, 21 Sep 2022 10:23:44 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Sep 2023 10:23:44 GMT
V.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/ Frame 7DC0 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/V.jpg
Requested by
Host: 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
URL: https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7da725a4e569fa51a7806d6dcb73dff629394df2c1139ddf1ec63b73cadbef67
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
368949
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26465
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 09:52:18 GMT
server
sffe
date
Wed, 21 Sep 2022 10:23:44 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Sep 2023 10:23:44 GMT
S.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/ Frame 7DC0 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12584458653358096384/S.jpg
Requested by
Host: 10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
URL: https://10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cc5a724429ce55a33d31524a887567f521cc0a55b3d8da7dcc16507b24ba309
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
368949
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53902
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 09:52:18 GMT
server
sffe
date
Wed, 21 Sep 2022 10:23:44 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Sep 2023 10:23:44 GMT
/
0217991c.akstat.io/ 		0
202 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://0217991c.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/RRNR9-85ANW-4QF6A-ZJTU2-LGRHY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:388::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:53 GMT
content-type
image/gif
access-control-allow-origin
https://www.newsmax.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Sun, 25 Sep 2022 16:52:53 GMT
index_cc_01986.vtt
nmxlive.akamaized.net/hls/live/529965/Live_1/20220916T084006/index_cc/00065/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nmxlive.akamaized.net/hls/live/529965/Live_1/20220916T084006/index_cc/00065/index_cc_01986.vtt?CMCD=cid%3D%22newsmaxlive%22%2Cd%3D6000%2Cmtp%3D500%2Cot%3Dtt%2Csf%3Dh%2Csid%3D%22b9685d55-22df-4eda-a01c-df02bf348fd7%22%2Csu
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.103.72.203 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-103-72-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0d3b7f8dd08eeca6b81b56d24d70d323152727d6ec683d728e2463abae38a55c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Akamai-Live-Origin-QoS
d=7000;t=1664124716.678
Akamai-Path-Timestamp
i=1664124716.675;xi=1664124716.682;xo=1664124718.251;s=1664124719.486;
Akamai-Mon-Iucid-Ing
529965
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
454
Pragma
no-cache
Akamai-Mon-Iucid-Del
1209750
Last-Modified
Sun, 25 Sep 2022 16:51:56 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
text/vtt
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Sun, 25 Sep 2022 16:52:53 GMT
generate_204
tpc.googlesyndication.com/ Frame D151 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qbb2VQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pd
google-bidout-d.openx.net/w/1.0/ Frame EDDB 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 25 Sep 2022 16:52:53 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
index_216_01991.ts
nmxlive.akamaized.net/hls/live/529965/Live_1/20220916T084006/index_216/00065/ 		446 KB
447 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nmxlive.akamaized.net/hls/live/529965/Live_1/20220916T084006/index_216/00065/index_216_01991.ts?CMCD=br%3D590%2Ccid%3D%22newsmaxlive%22%2Cd%3D6000%2Cmtp%3D22400%2Cot%3Dav%2Csf%3Dh%2Csid%3D%22b9685d55-22df-4eda-a01c-df02bf348fd7%22%2Csu%2Ctb%3D590
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.103.72.203 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-103-72-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
82fe05fc77d0f02c9637a4fcfa5d66c9e15dd7e84dbcdef250a9dd91ad055a81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:53 GMT
X-Akamai-Live-Origin-QoS
d=7000;t=1664124746.703
Akamai-Path-Timestamp
i=1664124746.701;xi=1664124746.709;xo=1664124747.938;s=1664124747.948;
Akamai-Mon-Iucid-Ing
529965
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
457028
Pragma
no-cache
Akamai-Mon-Iucid-Del
1209750
Last-Modified
Sun, 25 Sep 2022 16:52:26 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31535971
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Mon, 25 Sep 2023 16:52:24 GMT
da422f38-48f9-41b1-89ba-1d914cfc5ba3
https://www.newsmax.com/ 		80 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.newsmax.com/da422f38-48f9-41b1-89ba-1d914cfc5ba3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbc08716bf0cefb93b9b44ffaa0db4ec7507183ecd5f12143c79239d6baecaab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
81578
Content-Type
text/javascript
index_216_01992.ts
nmxlive.akamaized.net/hls/live/529965/Live_1/20220916T084006/index_216/00065/ 		417 KB
418 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nmxlive.akamaized.net/hls/live/529965/Live_1/20220916T084006/index_216/00065/index_216_01992.ts?CMCD=bl%3D0%2Cbr%3D590%2Ccid%3D%22newsmaxlive%22%2Cd%3D6000%2Cmtp%3D18700%2Cot%3Dav%2Csf%3Dh%2Csid%3D%22b9685d55-22df-4eda-a01c-df02bf348fd7%22%2Csu%2Ctb%3D590
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.103.72.203 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-103-72-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1c44b83641d89369d15020687d8873861e9e5e6551949ad51f7df60aa5cb65d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:53 GMT
X-Akamai-Live-Origin-QoS
d=7000;t=1664124752.710
Akamai-Path-Timestamp
i=1664124752.708;xi=1664124752.713;xo=1664124754.216;s=1664124754.228;
Akamai-Mon-Iucid-Ing
529965
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
427324
Pragma
no-cache
Akamai-Mon-Iucid-Del
1209750
Last-Modified
Sun, 25 Sep 2022 16:52:32 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31535976
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Mon, 25 Sep 2023 16:52:29 GMT
9.gif
ma1540-r.analytics.edgekey.net/ 		10 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ma1540-r.analytics.edgekey.net/9.gif?a=S~b=b38bfa202e63631098~c=0c22b406-d0eb-4a71-bed2-20d2a86d25d1~d=23747c94-c402-4a72-9808-b445ff8d5084~e=1~g=0~w=1737~ac=Live_1/index.m3u8~ag=www.newsmax.com~ah=-~al=Windows~am=HLS~at=Chrome%20105~aw=https://nmxlive.akamaized.net/hls/live/529965/Live_1/index.m3u8~ax=O~ay=CoreLibrary-4.20.28:JSLoader-1.6.8~cm=~dx=1.733~en=Newsmax%20TV%20Live~os=Windows-10~pd=Newsmax.com%20-%20AMP%20v9.1.9+premier~sa=Desktop~tt=Newsmax%20TV%20Live~m=I~v=39003~aa=nmxlive.akamaized.net~ap=1735~aq=60000~cl=60~ft=1~gb=~va=1
Requested by
Host: 79423.analytics.edgekey.net
URL: https://79423.analytics.edgekey.net/ma_library/javascript/javascript_malibrary.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10e:29e::aa5 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:53 GMT
Server
AkamaiNetStorage
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10
Expires
Sun, 25 Sep 2022 16:52:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092201&jk=2385598074188552&bg=!ysmlyY3NAAYIxsuQKMY7ACkAdvg8Wu638ImsQYWOZ52UeN8PLb45DH_sNz0-nf2X2IKtmI48HkbUtwIAAAByUgAAAAJoAQcKAKYJvAG8V-aeq8yQLEDGnxCvUz49rfrXEAIK7Vj7iMx0GNFMRjl0Sm38X9CFzk3FOhjUwBijpu20mLFnesFZld_fm96WTX6nEQjeE-Bg8mxwbB4fsj2wK6Fs0Tvv8d6R61JnWX_vveNxPE81siAn7ICAF03RJeq-7B1JjAv2wXD23J_GnYBZq5iqMnnvA46lHdWUWzO56jm8nvltE9uplE0pIgbsssPomQKcwIRQhSwpLUWk0GN8h8qFouoKCwfquGcVGMIMItLsNfo2ZAaUsd99egZjy9D8Ztyl9LUp0c6Cus0HsINwLxHIzf7Z09qb-mMqlaQV0AnvHFSFG_aGQ3YxZiQ-Kq3pzZp0F2tRqMbQqIAryxcTou6X2xY7--_K0_ooTv7sIvoIKE55uO_Nngkzh76FZVe7tDGghtBSa1V9K9qsPRtB2mgNVodqpfHMr3eZac0mKvhKwdKXeZFFdwVeVOZ83jGXauyQoGKCUyW8uWH3b2Nw_zud7HnntzPqg9R0tNAvrs7kmEhUowVG0HWIHLqUv8LsiKIArHF6Cczl3jUTBp94hp79s1EW9y6_L0CcO05jqYtYS57c9JL_Tvl8El-x0Dul4XFgcr0sih7v3EdSaUumUVFXtS39gvsbm-JV_qaL5yAueUfhXQAboYbaA8psBAlMg3xB2DVkCgdwGUeeJP0UhtspQc1ijbLdi3kRXFpRF3L2qpIHiP0VFFz_2CcaBRXEoQ8ZhmBOgaXb4sVpO3n9jNZE7Uom7FtGFSW14Sg_77GcojUOSnI6Xt6y3jGuMoxmS19DtWjUJ6N4ZLJJ9rnJFZrjiXHMooyql0PnlvzXNZ4V4Fq2Cni5wrsQEYqyPW3-w63A5FnbggqXZBpJbzeMhFdOIndZlIjgYO4tMV5FfJ6cNZjs76hK6WTC4Mj49dIiTqXlteKeSvJDvaM6Bd6Dxo76S4pG05i9ayTDy7KXLXjOnxoBk8xMXgy5S2_ml99W-StMiXO_1-GjW3XTu--XDl8d9ZV1evEfbAQHNvBdoGru5BzPM7hGjB_RzAIs8Zz2ctXskfJriTs3hivhwmm1qk_lCDRP6Xqsoyl6dbdkvll2ir4JRJwjl5lkt1o7-sM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
index_216_01993.ts
nmxlive.akamaized.net/hls/live/529965/Live_1/20220916T084006/index_216/00065/ 		433 KB
434 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nmxlive.akamaized.net/hls/live/529965/Live_1/20220916T084006/index_216/00065/index_216_01993.ts?CMCD=bl%3D9000%2Cbr%3D590%2Ccid%3D%22newsmaxlive%22%2Cd%3D6000%2Cmtp%3D23200%2Cot%3Dav%2Csf%3Dh%2Csid%3D%22b9685d55-22df-4eda-a01c-df02bf348fd7%22%2Ctb%3D590
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.103.72.203 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-103-72-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
93d3b17193dfc0e9b6d862ec0822a9ad1ef1cf745346d24ce7f74f84994e5412

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:53 GMT
X-Akamai-Live-Origin-QoS
d=7000;t=1664124758.717
Akamai-Path-Timestamp
i=1664124758.716;xi=1664124758.722;xo=1664124759.282;s=1664124759.578;
Akamai-Mon-Iucid-Ing
529965
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
443492
Pragma
no-cache
Akamai-Mon-Iucid-Del
1209750
Last-Modified
Sun, 25 Sep 2022 16:52:38 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31535990
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Mon, 25 Sep 2023 16:52:43 GMT
index_216_01994.ts
nmxlive.akamaized.net/hls/live/529965/Live_1/20220916T084006/index_216/00065/ 		429 KB
430 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nmxlive.akamaized.net/hls/live/529965/Live_1/20220916T084006/index_216/00065/index_216_01994.ts?CMCD=bl%3D14900%2Cbr%3D590%2Ccid%3D%22newsmaxlive%22%2Cd%3D6000%2Cmtp%3D26700%2Cot%3Dav%2Csf%3Dh%2Csid%3D%22b9685d55-22df-4eda-a01c-df02bf348fd7%22%2Ctb%3D590
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.9+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.103.72.203 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-103-72-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c134f133fa2363c0a0c75e93bb0cc4d936ad47dc90f70caf4fccfc9bd46eb9e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:53 GMT
X-Akamai-Live-Origin-QoS
d=7000;t=1664124764.721
Akamai-Path-Timestamp
i=1664124764.720;xi=1664124764.723;xo=1664124765.820;s=1664124765.831;
Akamai-Mon-Iucid-Ing
529965
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
439168
Pragma
no-cache
Akamai-Mon-Iucid-Del
1209750
Last-Modified
Sun, 25 Sep 2022 16:52:44 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Content-Length,Content-Range,Date,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31535905
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Mon, 25 Sep 2023 16:51:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 943E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_i8LPz2juCeZX-MXNkZq6vihfVLtiZNYTkJZFPy-K0qJSne84RjptO1mRe-_vhmn5XayQ_ZexLDgVOxXX_ZJQ6jyE04Z2S_SoXEnfltJEboqT_uGRHJHBFaG7I4UOeCtmsK_Cqg&sai=AMfl-YT_5fQEet8ezoOz_rp9CchYvBesX5gq4rucTf4oeTDvHmSS8KUcUYkXiwpA2lG5JUACT2uLD_2rY8V_QTwiVDpo5X2QLjInTPlJd9d4A9Inu49p4xcfTZmI8LGG&sig=Cg0ArKJSzJvclAwqhG8GEAE&cid=CAASUORoW0h4EXC4G8I1Ej8YbwTFbMx1nIIDE-l-8Kq6NEoTEmk4fjioRZAq1tSrpy5wYbZ85f9mU4rIDF2OwID6Dks4TOEfJf8fmzZYbtN7Y9ee&id=ampim&o=960,757&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=309&tls=1309&g=100&h=100&tt=1309&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.newsmax.com%2F&domain=www.newsmax.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.newsmax.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 25 Sep 2022 16:52:54 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
520581
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.newsmax.com%2F&domain=www.newsmax.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=lBt0_Xxod0NwWnBxSWVQMWk5UFFncUViekQxcFI0ejlEd1VNbXU2MlA1V3FFbTByQzFGTjFRYm1FTUtRQWZyUTZMc3NseSs5ZzE0b3NIUnpOQ2lVeWJlRlZhN05rNno3QnlxYkh1c0ZkbmFjWnlZbXV3VldVaUVmdmEwaE...
424 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=lBt0_Xxod0NwWnBxSWVQMWk5UFFncUViekQxcFI0ejlEd1VNbXU2MlA1V3FFbTByQzFGTjFRYm1FTUtRQWZyUTZMc3NseSs5ZzE0b3NIUnpOQ2lVeWJlRlZhN05rNno3QnlxYkh1c0ZkbmFjWnlZbXV3VldVaUVmdmEwaEJtdCtMVHdYeUN5Q0twd3BwVmZwdFYxUGc1blY3VWV0ZkI4YlIwdzNaa3Myd0swczFyTjRlRExFSHNDeG9Zazk2WUFnWVJYdG1mQ0FWSURTTHJyRGRvbmUydjErUGZjdHVoM0xhTTdtNzlZMnhNY3pZdFBDbWc4K1NhYjVTclYxRjdGWjQySHJlblA5RGF2QjdpS1lOZTNOKzlkNlJFOSsxTFJPcHZTTjNBZks0dmQ2MHRqRT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
39622f531bbc4655d83f6327dcb71f76fe58eb162c23c0b0053040a67819e06a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:54 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1669374
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:54 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=lBt0_Xxod0NwWnBxSWVQMWk5UFFncUViekQxcFI0ejlEd1VNbXU2MlA1V3FFbTByQzFGTjFRYm1FTUtRQWZyUTZMc3NseSs5ZzE0b3NIUnpOQ2lVeWJlRlZhN05rNno3QnlxYkh1c0ZkbmFjWnlZbXV3VldVaUVmdmEwaEJtdCtMVHdYeUN5Q0twd3BwVmZwdFYxUGc1blY3VWV0ZkI4YlIwdzNaa3Myd0swczFyTjRlRExFSHNDeG9Zazk2WUFnWVJYdG1mQ0FWSURTTHJyRGRvbmUydjErUGZjdHVoM0xhTTdtNzlZMnhNY3pZdFBDbWc4K1NhYjVTclYxRjdGWjQySHJlblA5RGF2QjdpS1lOZTNOKzlkNlJFOSsxTFJPcHZTTjNBZks0dmQ2MHRqRT18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://www.newsmax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
699099
content-length
0
expires
0
692.json
id5-sync.com/g/v2/ 		216 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
24f0c4642edae63967906dbe11fc175e5bc80df77e543eda7a76c261a8b884b2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.newsmax.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsmax.com
date
Sun, 25 Sep 2022 16:52:54 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 944F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.68.199 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-68-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=66684
content-encoding
gzip
content-length
5549
content-type
text/html
date
Sun, 25 Sep 2022 16:52:55 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 26 Sep 2022 11:24:19 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
pd
u.openx.net/w/1.0/ Frame D9F3 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 25 Sep 2022 16:52:55 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
ssc-cms.33across.com/ps/ Frame 968A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=c-2cfImqCr7ikOaKlKyvbs&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sun, 25 Sep 2022 16:52:55 GMT
server
33XP005
x-33x-status
2000208
ixmatch.html
js-sec.indexww.com/um/ Frame 8E95 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.68.247 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-68-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sun, 25 Sep 2022 16:52:55 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4E00 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.68.187 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-68-187.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 25 Sep 2022 16:52:55 GMT
ETag
"623de86a-cf34"
Expires
Mon, 26 Sep 2022 16:52:57 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 08E1
Redirect Chain
  • https://bh.contextweb.com/visitormatch
  • https://bh.contextweb.com/visitormatch?reat=1
27 B
311 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?reat=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-75d8c985f8-m6rxw
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
cw-server
bh-deployment-75d8c985f8-m6rxw
expires
-1
location
/visitormatch?reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
/
onetag-sys.com/usync/ Frame E6BB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1664124770134
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame A2E8 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/462256/hb_319293_10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.newsmax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 25 Sep 2022 16:52:55 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 944F 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21515301&p=157898&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:53 GMT
content-length
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=lBt0_Xxod0NwWnBxSWVQMWk5UFFncUViekQxcFI0ejlEd1VNbXU2MlA1V3FFbTByQzFGTjFRYm1FTUtRQWZyUTZMc3NseSs5ZzE0b3NIUnpOQ2lVeWJlRlZhN05rNno3QnlxYkh1c0ZkbmFjWnlZbXV3VldVaUVmdmEwaEJtdCtMVHdYeUN5Q0twd3BwVmZwdFYxUGc1blY3VWV0ZkI4YlIwdzNaa3Myd0swczFyTjRlRExFSHNDeG9Zazk2WUFnWVJYdG1mQ0FWSURTTHJyRGRvbmUydjErUGZjdHVoM0xhTTdtNzlZMnhNY3pZdFBDbWc4K1NhYjVTclYxRjdGWjQySHJlblA5RGF2QjdpS1lOZTNOKzlkNlJFOSsxTFJPcHZTTjNBZks0dmQ2MHRqRT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 25 Sep 2022 16:52:54 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
462357
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame A2E8 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 25 Sep 2022 16:52:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15603
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Sun, 25 Sep 2022 21:12:58 GMT
bounce
ib.adnxs.com/ Frame 4E00
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:55 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
7c0cbf9a-9d42-4b2a-9386-ab7d779a226c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:55 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
24b92f47-a74c-415e-ba68-b5f308b4d62e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 5E9A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45c9f6c4c1c609431b85381ca2349a8675423302b3be7451f5436d64048ee2a8

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
750545e62ed59b25-FRA
content-encoding
br
content-type
text/html
date
Sun, 25 Sep 2022 16:52:55 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3p%2FXO27n7n%2FfD%2FSoCBfK7lKV7h1RDzkHy5eoCo3cDgbTlxGcJB4I7%2BJfiOuqVC35eIxE3T%2F9d%2Fv6238UQRVyx7amQExlI1MKa0Fzm8tx%2F5%2BsoDOACfSACk6lBBhpe1GZhKsVsHifz31RA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
750545e5be83bba1-FRA
content-length
0
date
Sun, 25 Sep 2022 16:52:55 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTd0Ihbn1h4VGjcm3gQyXoZm2V5H0DrrPmF5%2B6OuvIKu4akkacnuIJIOUTHQMAikaVnQvFg5glLK2pifYvtDTAS7jViJKrWWLLyQ%2BpG6pfvFVRj%2BQwXBKP9iu1ToSZzERZ9%2BjxevETTEtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame A2E8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhIS1g2TU4tRS1BQkpS
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhIS1g2TU4tRS1BQkpS
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhIS1g2TU4tRS1BQkpS
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A2E8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGY2YWExOWZhY2NiMTgyMGI5Mzc1ZWVhN2VjMjM2YzVhMWQzNDc0NA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGY2YWExOWZhY2NiMTgyMGI5Mzc1ZWVhN2VjMjM2YzVhMWQzNDc0NA
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGY2YWExOWZhY2NiMTgyMGI5Mzc1ZWVhN2VjMjM2YzVhMWQzNDc0NA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame A2E8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8HKX6MN-E-ABJR
0
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8HKX6MN-E-ABJR
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:54 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: DA9B7BA36D044415B7CDC182192C670D Ref B: FRAEDGE1321 Ref C: 2022-09-25T16:52:55Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXpgz4fG9LBIacprXkkWg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8HKX6MN-E-ABJR
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame A2E8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame A2E8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=It-L2XJoQfuKT6MGcUDKTw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=It-L2XJoQfuKT6MGcUDKTw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=It-L2XJoQfuKT6MGcUDKTw
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:55 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
5AT70AKVEFS3R27TX0BY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=It-L2XJoQfuKT6MGcUDKTw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A2E8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/pyQ4OjhrAd5umvC197bNUQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2743714255978199394
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2743714255978199394
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

date
Sun, 25 Sep 2022 16:52:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2743714255978199394
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame A2E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKF1E6XG-afSX4q-bQiUI0I&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKF1E6XG-afSX4q-bQiUI0I&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKF1E6XG-afSX4q-bQiUI0I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A2E8
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Ve59NM-tTsSLL0DGfO_b0w&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Ve59NM-tTsSLL0DGfO_b0w
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Ve59NM-tTsSLL0DGfO_b0w
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:55 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
NG1EDZQNFGRV2AE4FPXG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Ve59NM-tTsSLL0DGfO_b0w
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 5E9A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YzCHZ1kOANs1r54PNeBvMwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKL8l9pTzj4clErY6sxPitg&google_cver=1
43 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKL8l9pTzj4clErY6sxPitg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
750545e778a29122-FRA
pragma
no-cache
date
Sun, 25 Sep 2022 16:52:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIIEaic4GjS6UYT%2BAFFSUHk5dR6PC%2FYvNwD%2BAMBpagL1yuMpoX1L6wQEcFWt72BFbDswY0OVy2PheXc9yXJQg3KhVqxLotV%2B6bwoKHgXfXnSgKelIjjL7IGlSMGP4Unncfglrl1pUyl8qA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKL8l9pTzj4clErY6sxPitg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 5E9A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 5E9A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzCHZ1kOANs1r54PNeBvMwAABLoAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzCHZ1kOANs1r54PNeBvMwAABLoAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzCHZ1kOANs1r54PNeBvMwAABLoAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:55 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
S25R17GT6GTW7R43PCVN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:55 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
MW5FYM7V1D9P6BYM1M5T
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzCHZ1kOANs1r54PNeBvMwAABLoAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 5E9A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzCHZ1kOANs1r54PNeBvMwAABLoAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKHOjK-hAN8upEpGaVoflb0&google_cver=1
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKHOjK-hAN8upEpGaVoflb0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
750545e6c8199b25-FRA
pragma
no-cache
date
Sun, 25 Sep 2022 16:52:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=codFtbyey0PkEwkxNYNvEFe5ISIuh2aYvMBVq8X0nR%2FDYLyP02RTOoNM29a4T4DpEBFkHpEg%2B3yauz%2FG8XVPg7GAqcnjmNM3x%2BalIlZXvmmqL%2BibO0rkDelrVLWkCdA6YMFA302Vu1w%2BTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 25 Sep 2022 16:52:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKHOjK-hAN8upEpGaVoflb0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YzCHZ1kOANs1r54PNeBvMwAABLoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5E9A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzCHZ1kOANs1r54PNeBvMwAABLoAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzCHZ1kOANs1r54PNeBvMwAABLoAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/YzCHZ1kOANs1r54PNeBvMwAABLoAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzCHZ1kOANs1r54PNeBvMwAABLoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
2a05:d018:d29:3601:ebd:fba0:5325:a4e6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 16:52:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YzCHZ1kOANs1r54PNeBvMwAABLoAAAIB
date
Sun, 25 Sep 2022 16:52:55 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 5E9A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=itTDGFeQ1OCuSb5
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=itTDGFeQ1OCuSb5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
750545e7789f9122-FRA
pragma
no-cache
date
Sun, 25 Sep 2022 16:52:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mn5xZtJw5%2BQeQWEC60E89K1TimBWreaEtZMivfrBy6MnjBHwTlxyqRYxcOmG5g8FDCnWq0YXFH2B%2FKDBE4pMnrJ%2FErxf%2FHfR%2F0M8oTAUXr%2FLfMqjL8Uk80Y9F8b9uDj6EYVi6ozGSw%2BAjg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:55 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-09d402fd386b2a89c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=itTDGFeQ1OCuSb5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5E9A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4398413357986781188
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4398413357986781188
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
750545e778a39122-FRA
pragma
no-cache
date
Sun, 25 Sep 2022 16:52:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZ4NaNTjMUHmrlOJ5cFq0eYTAbTA9DP0l7WTaewpSlRAUzGhrDC4gMzFAGLXE0uymxmS%2BCu2YUbz2q%2F66E%2F7ddB4tEjYHXhB%2BvY5L3eOVsDBMAKpMN5hH4N60reDBf5uCWf9ZEz2h8PIpw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4398413357986781188
pragma
no-cache
date
Sun, 25 Sep 2022 16:52:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 5E9A
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210821781762190
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210821781762190
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
750545e778a19122-FRA
pragma
no-cache
date
Sun, 25 Sep 2022 16:52:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZdRH1mgtm2iSZ8M6pGIINeeWP5dq11YaDPvS09fkf1uLk5Yamxc5UXYOU%2BTSB3oedg1vBTOI9RDyz8AvKf10L2hz9lKoP8KnatGEpuNVJdFjKjh2zX96eiBvHCLBFM6hDjn%2Fmji3pHFqg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210821781762190
Date
Sun, 25 Sep 2022 16:52:55 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
htw-pixel.gif
cdn.indexww.com/ht/ Frame 5E9A 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YzCHZ1kOANs1r54PNeBvMwAA%261210
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.newsmax.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
750545e719909bc8-FRA
date
Sun, 25 Sep 2022 16:52:55 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
230
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Sun, 25 Sep 2022 20:52:55 GMT
async_usersync
ib.adnxs.com/ Frame 4E00 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:56 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
c4e5bb92-189e-45d0-95fc-9b77f1c661d1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
9.gif
ma1540-r.analytics.edgekey.net/ 		10 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ma1540-r.analytics.edgekey.net/9.gif?a=P~b=b38bfa202e63631098~c=0c22b406-d0eb-4a71-bed2-20d2a86d25d1~d=23747c94-c402-4a72-9808-b445ff8d5084~e=2~g=0~w=6738~ac=Live_1/index.m3u8~ag=www.newsmax.com~ah=-~al=Windows~am=HLS~at=Chrome%20105~aw=https://nmxlive.akamaized.net/hls/live/529965/Live_1/index.m3u8~ax=O~ay=CoreLibrary-4.20.28:JSLoader-1.6.8~bb=~cm=~dx=5.001~en=Newsmax%20TV%20Live~os=Windows-10~pd=Newsmax.com%20-%20AMP%20v9.1.9+premier~sa=Desktop~tt=Newsmax%20TV%20Live~m=PL~u=~v=43711.937~x=5000~y=4708.936999999998~z=0~aa=nmxlive.akamaized.net~ap=1735~aq=60000~cl=60~da=0~dc=~dd=0~de=0~dg=0~dh=0~dv=1~fb=0~fd=0~fe=0~fi=589600:39003:5000:0001:1~fk=U:0,S:5000,Q:0,D:0~fl=2948000000:5000~gb=~rs=
Requested by
Host: 79423.analytics.edgekey.net
URL: https://79423.analytics.edgekey.net/ma_library/javascript/javascript_malibrary.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10e:29e::aa5 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsmax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Sep 2022 16:52:58 GMT
Server
AkamaiNetStorage
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10
Expires
Sun, 25 Sep 2022 16:52:58 GMT
index_216.m3u8
nmxlive.akamaized.net/hls/live/529965/Live_1/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
trends.newsmaxwidget.com
URL
https://trends.newsmaxwidget.com/api/demand/?w=167261&wlw=newsmaxwidget.com
Domain
trends.newsmaxwidget.com
URL
https://trends.newsmaxwidget.com/api/delivery/?is_blocked=undefined&w=167261&width=1600&rev_allow_cookies=undefined&site_url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&icr_url=&va=0&time=1664124770883&up=pc&bn=chrome&bv=105&widget_width=300&style_id=0&idhub[pubcid]=f3acf268-ea21-4048-9348-eb53b33883e9
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=13781
Domain
nmxlive.akamaized.net
URL
https://nmxlive.akamaized.net/hls/live/529965/Live_1/index_216.m3u8?CMCD=cid%3D%22newsmaxlive%22%2Cmtp%3D29500%2Cot%3Dm%2Csf%3Dh%2Csid%3D%22b9685d55-22df-4eda-a01c-df02bf348fd7%22

Verdicts & Comments Add Verdict or Comment

454 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| NREUM object| newrelic function| __nr_require undefined| $ function| jQuery function| moment function| timedRefresh function| fwdpopup function| printPage function| get_ZipCookie function| URLEncode function| SearchSite function| getQuote function| gup function| Gotosignup function| clearthis function| qfocus function| qblur function| getUrlParameter object| googletag string| revContentAB number| elapsedTime number| elementHeight function| getRefreshAds undefined| DFPelementHeight function| checkVisible function| runRefresh object| BOOMR_mq string| BOOMR_API_key object| BOOMR string| bazadebezolkohpepadr object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY boolean| clickedOnce boolean| track object| digitalData function| analyticsTracking function| analyticsFormTracking function| analyticsSocialTracking function| analyticsSearchTracking function| PM_Postback function| PM_Callback function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events object| CMS object| dataLayer function| LiveValidation function| LiveValidationForm object| Validate function| mobileCheck function| IsDesktopRequest_Android function| IsDesktopRequest_iOS object| urlParams boolean| fake_ad object| AdBlockManagement function| Checkdevice function| CreateCookie function| ns_onclick object| _comscore object| queryly object| SiteSettings string| vrAllowAutomaticEcomInsertion string| isArticleHasVideo function| SearchTags function| LoadArticles function| parentName function| NumSort function| cleanupString function| LoadSponsoredHeadlines function| AjaxFailed object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| MjFiZTU0YWVmOTc4YWIwZGxvYWRlcl9qcw== string| MjFiZTU0YWVmOTc4YWIwZGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| COMSCORE function| udm_ object| ns_p object| ggeac object| google_tag_data object| google_js_reporting_queue function| postscribe object| google_tag_manager_external object| google_tag_manager function| set_persistent_cookie function| set_session_cookie function| get_cookie function| persistent_counter_increment function| session_counter_increment string| GoogleAnalyticsObject function| ga object| _qevents function| fbq function| _fbq object| vmpbjs object| vpb function| getMeta function| r function| callback object| _bmrEvents function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| vmpbjsChunk object| _pbjsGlobals object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| scrollToComnent object| regeneratorRuntime boolean| spktHelper object| XDR_COOKIE_HEADERS boolean| XDR_DEBUG function| resizeColorBox object| OAuthClient object| interval function| checkIframe function| scrollToAnchor object| LI object| __li__evt_bus object| liQ function| OneSignal object| core object| InsticatorCommenting function| checkmx function| SubmitData function| subscribe function| populateCountrySelect number| pCount function| BeginLoadingEcomms function| siteName function| shuffleArray function| LoadEcomms string| clipBoardText function| shareURL function| GetShareData function| SetClickedShareSite function| ShareIconTrack function| showForwardWindow function| fbShareStep1 function| fbShareOpenfbd object| ZeroClipboard object| now string| callBackFrameUrl object| __twttrll object| twttr object| __twttr boolean| __@@##MUH string| urhehlevkedkilrobacf object| addthis_share object| addthis_config function| _typeof2 function| __liSync number| __oneSignalSdkLoadCount function| __jp0 number| dfpTimer object| paramsL object| paramsP object| imageDivs object| image undefined| imageWidth string| FBVrtShareSrc string| TWVrtShareSrc string| FBHorShareSrc string| TWHorShareSrc undefined| _FBvertLoc undefined| _TWvertLoc object| Criteo object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks number| cmscount number| dbcount number| ac string| nm_div object| nm_script object| wpJsonRciWidget object| ua_result function| __NEXT_PRELOADREADY object| revcontent function| renderRCWidget object| owpbjsChunk object| owpbjs object| PWT string| partnerName string| key function| dspCriteoRTUSCallback function| _typeof function| _createRawReactElement function| _asyncIterator function| AsyncGenerator function| _asyncGeneratorDelegate function| asyncGeneratorStep function| _asyncToGenerator function| _classCallCheck function| _defineProperties function| _createClass function| _defineEnumerableProperties function| _defaults function| _defineProperty function| _extends function| _inherits function| _getPrototypeOf function| _setPrototypeOf function| _isNativeReflectConstruct function| _construct function| _isNativeFunction function| _wrapNativeSuper function| _instanceof function| _interopRequireDefault function| _getRequireWildcardCache function| _interopRequireWildcard function| _newArrowCheck function| _objectDestructuringEmpty function| _objectWithoutPropertiesLoose function| _objectWithoutProperties function| _assertThisInitialized function| _possibleConstructorReturn function| _superPropBase function| _get function| set function| _set function| _taggedTemplateLiteral function| _taggedTemplateLiteralLoose function| _temporalUndefined function| _temporalRef function| _slicedToArray function| _slicedToArrayLoose function| _toArray function| _toConsumableArray function| _arrayWithoutHoles function| _arrayWithHoles function| _iterableToArray function| _arrayLikeToArray undefined| REACT_ELEMENT_TYPE object| babelHelpers object| ce object| akamai function| ES6Promise object| puremvc object| bowser object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| _0xc9eb object| _0x8f6b function| AMAInstanceManager function| handlePageHide function| JS_AkamaiMediaAnalytics function| akamaiMediaAnalytics boolean| 9263d4aa-2a8a-4901-bd47-0576c230af0f function| amaTimeSpan function| amaConnectionManager function| amaParseStreamURL function| amaPlayingState function| amaInitState function| amaRebufferState function| amaPlaybackEndState function| amaPauseState function| amaSeekState object| adEndStatusEnum function| amaAdState object| stateEnum function| amaStateMachine function| amaPlaystartState function| amaBeaconDataStore function| amaCustomDataStore function| amaDataStoreBase function| amaNetworkDataStore function| amaStateMachineDataStore function| amaViewerDataStore function| amaVisitDataStore object| DataStoreFactoryEnum function| amaDictionary function| amaURLUtility function| amaDataStore function| amaEvent function| amaServerIPManager function| amaBeacon function| amaBeaconManager function| amaEventDispatcher function| amaDiagnoser function| amaEventHandler function| amaCommonEventDispatcher function| amaViewMetrics function| dashStreamInfo function| hlsStreamInfo function| nonAdaptiveStream function| streamInfoBase object| streamError function| StreamTypeDetector object| regex object| match function| printVisitStore object| React object| ReactDOM object| PropTypes function| ReactHint number| iterator object| nodeValue string| parentKey object| closure_lm_760817 object| closure_lm_952971 object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| Hls number| isAppDebuggingEnabled object| pageInfo object| adSession number| bitRatePlayTime object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 number| BOOMR_onload object| GoogleGcLKhOms object| ox_esp object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| streamObj object| google_image_requests

86 Cookies

Domain/Path Name / Value
www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965 Name: _liChk
Value: 0.7025902225253677
i.liadm.com/s Name: _li_ss
Value: MgYIgQEQqhMyCQj_____BxCqEw
.bit.ly/ Name: _bit
Value: m8pgQM-8d0fc95940a4ecd03c-00b
www.newsmax.com/ Name: CMSPreferredCulture
Value: en-US
www.newsmax.com/ Name: ASP.NET_SessionId
Value: i5pk3pp0ednreync5eqkrxra
www.newsmax.com/ Name: CMSCurrentTheme
Value: Empty
www.newsmax.com/ Name: promo_code
Value: 1034014qqur4
www.newsmax.com/ Name: BIGipServernewsmax_v11_s1_pool
Value: 521119936.47873.0000
.newsmax.com/ Name: AKA_A2
Value: A
.youtube.com/ Name: YSC
Value: GeWDMHaY7kU
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 3inoA7j4Emg
.newsmax.com/ Name: _gcl_au
Value: 1.1.1916367495.1664124769
.newsmax.com/ Name: view_cnt
Value: 1
.newsmax.com/ Name: _ga
Value: GA1.2.1883331922.1664124769
.newsmax.com/ Name: _gid
Value: GA1.2.1161030251.1664124769
.newsmax.com/ Name: _dc_gtm_UA-31221-1
Value: 1
www.newsmax.com/ Name: qcSxc
Value: 1664124769514
.quantserve.com/ Name: mc
Value: 63308761-8cfd1-34544-ff11a
.newsmax.com/ Name: _li_dcdm_c
Value: .newsmax.com
.newsmax.com/ Name: _lc2_fpi
Value: cd49d5059397--01gdts1n9nbjeccsjg33v44bv0
.newsmax.com/ Name: __qca
Value: P0-1659173303-1664124769511
www.newsmax.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.newsmax.com/ Name: _pubcid
Value: f3acf268-ea21-4048-9348-eb53b33883e9
.newsmax.com/ Name: _fbp
Value: fb.1.1664124769845.318140719
www.newsmax.com/ Name: __atuvc
Value: 1%7C39
www.newsmax.com/ Name: __atuvs
Value: 63308761deb057fc000
www.newsmax.com/ Name: NMSeg
Value: PR
.addthis.com/ Name: uvc
Value: 1%7C39
.liadm.com/ Name: lidid
Value: 75f180be-dd61-4db0-a4ee-5c06ce3ac0e4
.addthis.com/ Name: loc
Value: MDAwMDBFVURFSEUyMzA4MTg5MzAwMzAwMDBDSA==
.rubiconproject.com/ Name: khaos
Value: L8HKX6MN-E-ABJR
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqnfURtLQ2I+bU1ZxogGjlwOA+xFj1I9sd0zdRXVxf6zI/W6xcyMuYgcT0m8oFLWmOANaZf44uYYSYbB5SW5XQ32YoH28FgeNCma+WVcS1g3g==
.newsmax.com/ Name: bm_sv
Value: 8E74820077A806CD1468E426C5F715D8~YAAQnGZWuGA1pGGDAQAAZdiQdRF8VQHXn56lXFN9xVrb0zkSTSV+Rt+kb6fjuIxFAq/Oydls6Kgg5fBLlh+l8u3wciImeHRC72Itd3A0tauUk57bEEok/f9FRtogoZuc4Ql40LXhpc1LxjwykOxTVReAp4ngPhpeYbf2gr7GIVGsAnocMSu4XZg3lEVQwORTebKUVh0/qKjK/CkYZzwLODQNLe3At0Igg+omsvb2J/DsbyT1gwKz5HbWhOb/uj/1KA==~1
.newsmax.com/ Name: ak_bmsc
Value: 33C914F9B1FCE296D0AB84513C83E374~000000000000000000000000000000~YAAQnGZWuGU1pGGDAQAAqNiQdRHjWQS0o/kgvZJ31PcIGPFfeHMe42r3P/xLwtkoBIzycaWeDuV8gyHXwr+B4btN0uwZHlyI+UpkgfT68otqy+FI3tVxvoP7hK1Qap/Qkt/+sTsa1BwaRYW5kODHYW9bxNDa22vtK5vu7XrISTvmFDrRMSQBsE5pw9LqI6SW8n8mrhSMEqkYStwQ5Db03rHH2X7U+ZccNINj9ELS293BIVg8tE1wIv+wV29FcTTvMPTNUc6QGrFzeTz7EmvWuF/aQNlOpYEZ3Zo/PfNZprezRqaluQbDIDWQ4h/TeY64fmcenU5y4rVUsCJEl9qh9wfjA/wnxW3+vjejZcR5a6P1nIlzxfdbkGSwUBtQaXt68cCvX5/XtXSee2O6DkObIjXTBU+aeGTBoqYhJvNSsjRkJpycHhsZCGu4tURXZgRCkn/5uguxRaYk1RguSDD+gK2nQGX7zH7dQ2mN/2yvGgwOCv/B3TPy8KJHDiR/QvkirJkGmgw=
.go.sonobi.com/ Name: HAPLB8A
Value: s85110|YzCEp
.newsmax.com/ Name: _gat
Value: 1
.newsmax.com/ Name: FCNEC
Value: %5B%5B%22AKsRol9qzS9H5iQrRuMm82N2Yi2EhRrf3a_gKYT-_1-_5gM-l8X1NiF2bBg19Ry7RPTRyzGNFx52iz05cUQjcM7VTA2XbmqLmlg3_DybvGHmj2USF4IKUHZIsa3WBuE-AJjcaOF6oGPGfKl-3HDSfeTBEwawWm6W2A%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.demdex.net/ Name: demdex
Value: 13370628435354752492785162985303783267
.addthis.com/ Name: na_id
Value: 2022092516525100043404379236
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 633087636887f8ee
.addthis.com/ Name: ouid
Value: 633087630001cf801c944eb71fcc35f12ae169891e130df62b67
.dpm.demdex.net/ Name: dpm
Value: 13370628435354752492785162985303783267
.bidswitch.net/ Name: tuuid
Value: f92e2c29-b3d0-4ca3-8215-9a4a3292749f
.bidswitch.net/ Name: c
Value: 1664124771
.bidswitch.net/ Name: tuuid_lu
Value: 1664124771
.dlx.addthis.com/ Name: na_sc_x
Value: 1
.mathtag.com/ Name: uuid
Value: 8e6f6330-8763-4a00-9cae-d353eadd48d8
.onaudience.com/ Name: cookie
Value: 70d7ab68a8b84f3c
.onaudience.com/ Name: done_redirects104
Value: 1
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
www.newsmax.com/ Name: _lr_retry_request
Value: true
www.newsmax.com/ Name: _lr_env_src_ats
Value: false
.doubleclick.net/ Name: IDE
Value: AHWqTUkuG-9OJjwiYAeTXT0sPurZXlffP8JI58pIflKQstYJjJVWPDDk6ZqstgX9h0g
.www.newsmax.com/ Name: RT
Value: "z=1&dm=www.newsmax.com&si=1fc06109-cb7e-4753-8234-58413a75399f&ss=l8hkx4t5&sl=1&tt=3ps&bcn=%2F%2F0217991c.akstat.io%2F&ld=3py"
www.newsmax.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-25T16%3A52%3A52%22%7D
.newsmax.com/ Name: _gat_UA-31221-1
Value: 1
.newsmax.com/ Name: panoramaId_expiry
Value: 1664211172718
.newsmax.com/ Name: __gads
Value: ID=cd669b6f5373a026:T=1664124772:S=ALNI_MazdqMjswHcrfeNTGKCN-1ZlDPsOg
.criteo.com/ Name: uid
Value: cb1ccbff-5d05-49a3-b778-01925a6e611b
.nr-data.net/ Name: JSESSIONID
Value: bf38d27a8bc3890b
.openx.net/ Name: i
Value: 9602563a-db1d-4b67-814e-12b2cf6c62a2|1664124773
.doubleclick.net/ Name: DSID
Value: NO_DATA
.ads.pubmatic.com/ Name: KCCH
Value: YES
.newsmax.com/ Name: cto_bundle
Value: S6TxSF9rd1NOTWNIUW05czUybXAxSEolMkZkNiUyRkNoNFhiWGlGZlY3JTJCelFYd0JMQnFjS0FwWWZ6Mmx5YVNCNXk2YzNpNHp6bWkxTk43JTJGRzFJNXBZV1kydXBmYTg1T05TenZBbjl2UTR4YTFtYnZ2ZHptaVVnTCUyRm85cGxPcWlyR2RIUlIlMkJxJTJCVGRoWlhDZkRLTm5FS2NmaGdqVHJqdyUzRCUzRA
.newsmax.com/ Name: cto_bidid
Value: U6YEm19PeVpWWHhRWnJka25LQ1pobnVNdlJveFVRSmdtdHlSZm04V0FKbFh4WTdvelJSVEFXVnZjMnl2VUdXQ0w5SU9SeXNScUVMdExoUkNkbm9zSllrbEdxbUtCSnhQdXlXMTJ1QjNPZnRIMllsYyUzRA
.adnxs.com/ Name: uuid2
Value: 1657112082139602804
.casalemedia.com/ Name: CMID
Value: YzCHZ1kOANs1r54PNeBvMwAA
.casalemedia.com/ Name: CMPS
Value: 1210
.casalemedia.com/ Name: CMPRO
Value: 1210
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 0e280f964be0c142
.w55c.net/ Name: wfivefivec
Value: itTDGFeQ1OCuSb5
.yahoo.com/ Name: A3
Value: d=AQABBGeHMGMCEEU-SoTBkCLw-P58YW00AOYFEgEBAQHYMWM6YwAAAAAA_eMAAA&S=AQAAAiZu6XCdt3gb_BzazXBAfxI
.turn.com/ Name: uid
Value: 4398413357986781188
.w55c.net/ Name: matchcasale
Value: 5
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjS3MDQ3MzK0NBDiM9T1Sw4O1C0oyAp38jEEAFvc9uYlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZmZiaGRibm5qam4MAO283HcQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjS3MDQ3MzK0NBDiM9T1Sw4O1C0oyAp38jEEAFvc9uYlAAAA
.analytics.yahoo.com/ Name: IDSYNC
Value: 175w~27d4
.casalemedia.com/ Name: CMTS
Value: 5179
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&a64f6f96-07c9-4861-884c-1e3b930c8a8e"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjQxMjQ3NzU7MjswMjEU3tugL4xgEqkl9QCvo25eGNK+EPOLZIYzF1Nyanefgw==
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2763:u=1:x=1:i=1664124775:t=1664211175:v=2:sig=AQFT2Jqj78i73UD8R1SvjS9TV1UHmHzP"
.amazon-adsystem.com/ Name: ad-id
Value: AySIT8DBE00BnAGKOLYMRm0

6 Console Messages

Source Level URL
Text
javascript warning URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=newsmax&version=9.1.9&_=1664124768915(Line 18)
Message:
It is recommended that a robustness level be specified. Not specifying the robustness level could result in unexpected behavior.
javascript error URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Message:
Access to fetch at 'https://trends.newsmaxwidget.com/api/delivery/?is_blocked=undefined&w=167261&width=1600&rev_allow_cookies=undefined&site_url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&icr_url=&va=0&time=1664124770883&up=pc&bn=chrome&bv=105&widget_width=300&style_id=0&idhub[pubcid]=f3acf268-ea21-4048-9348-eb53b33883e9' from origin 'https://www.newsmax.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://trends.newsmaxwidget.com/api/delivery/?is_blocked=undefined&w=167261&width=1600&rev_allow_cookies=undefined&site_url=https%3A%2F%2Fwww.newsmax.com%2Fus%2Fdonald-trump-rally-maga%2F2022%2F09%2F17%2Fid%2F1087965%2F&icr_url=&va=0&time=1664124770883&up=pc&bn=chrome&bv=105&widget_width=300&style_id=0&idhub[pubcid]=f3acf268-ea21-4048-9348-eb53b33883e9
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.newsmax.com/us/donald-trump-rally-maga/2022/09/17/id/1087965/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13781' from origin 'https://www.newsmax.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13781
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0217991c.akstat.io
10861750da4cac52e4c8b9a38ef1fcc9.safeframe.googlesyndication.com
3fznue5ydezdgyzqq5sq-peupts-f81876dd1-clientnsv4-s.akamaihd.net
79423.analytics.edgekey.net
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
amp.akamaized.net
ap.lijit.com
apex.go.sonobi.com
api-public.addthis.com
api.rlcdn.com
app.beyondwords.io
assets.newsmaxwidget.com
audio.beyondwords.io
b-code.liadm.com
b1sync.zemanta.com
bam.nr-data.net
bh.contextweb.com
bid.contextweb.com
bidder.criteo.com
bit.ly
browser.sentry-cdn.com
btlr.sharethrough.com
c.go-mpulse.net
cdn.ampproject.org
cdn.indexww.com
cdn.onesignal.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
dsum-sec.casalemedia.com
eaarwyaaaibeakqce3ydkaaaczrtbb3f-peupts-27a414a5b-clienttons-s.akamaihd.net
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
ghb.adtelligent.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i.ytimg.com
i6.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
ipapi.optiryte.com
jnn-pa.googleapis.com
js-agent.newrelic.com
js-sec.indexww.com
m.addthis.com
ma1540-r.analytics.edgekey.net
match.adsrvr.org
metrics.beyondwords.io
mug.criteo.com
nmxlive.akamaized.net
oa.openxcdn.net
oajs.openx.net
onesignal.com
onetag-sys.com
os4m-d.openx.net
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
player.adtcdn.com
player.adtelligent.com
pm.w55c.net
pr-bh.ybp.yahoo.com
product.instiengage.com
proxy.beyondwords.io
pubads.g.doubleclick.net
px.ads.linkedin.com
pxl.qccerttest.com
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
s.amazon-adsystem.com
s.go-mpulse.net
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
soapps.net
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.criteo.net
static.doubleclick.net
static.newsmaxfeednetwork.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
syndication.twitter.com
targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
trends.newsmaxwidget.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
u.openx.net
ups.analytics.yahoo.com
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.newsmax.com
www.queryly.com
www.youtube.com
x.bidswitch.net
x.dlx.addthis.com
yeet.revcontent.com
yt3.ggpht.com
z.moatads.com
api.rlcdn.com
btlr.sharethrough.com
nmxlive.akamaized.net
s7.addthis.com
trends.newsmaxwidget.com
104.103.72.203
104.18.18.126
104.18.19.126
104.244.42.8
104.75.88.126
108.128.210.64
13.32.121.17
141.94.171.215
141.95.171.142
141.95.98.65
142.250.201.194
15.197.193.217
151.101.130.137
151.139.128.11
162.247.241.14
172.217.18.2
178.250.0.157
178.250.0.165
18.156.0.31
18.157.92.103
184.25.50.51
185.29.132.241
185.64.190.77
185.89.210.153
193.0.160.128
198.148.27.134
198.148.27.139
198.47.127.19
2.18.68.187
2.18.68.199
2.18.68.247
2.20.72.167
2001:678:cb4:bbbb::11
213.19.147.42
216.238.156.11
216.52.2.48
23.205.235.133
23.35.237.151
2600:1f18:730:b140:d4dd:8728:eb33:a60d
2600:1f18:ed:550e:da96:e3d4:ff6d:c616
2600:9000:223c:2400:6:44e3:f8c0:93a1
2600:9000:223c:3000:8:8845:1500:93a1
2600:9000:223d:9c00:9:78a:e540:93a1
2600:9000:223d:cc00:11:615:7240:93a1
2602:803:c003:200::61
2606:4700:20::ac43:497c
2606:4700::6811:180e
2606:4700::6812:c4c
2606:4700::6812:cc2
2606:4700::6812:dc2
2606:4700::6812:e234
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1450:4001:800::200a
2a00:1450:4001:801::2003
2a00:1450:4001:801::2016
2a00:1450:4001:803::200a
2a00:1450:4001:803::200e
2a00:1450:4001:808::200e
2a00:1450:4001:827::2001
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2001
2a00:1450:4001:831::200e
2a00:1450:400c:c07::9c
2a00:1450:400d:805::2002
2a00:1450:400d:807::2002
2a00:1450:400d:807::2004
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2008
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::2006
2a00:1450:400d:80c::200a
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2002
2a02:2638::1c
2a02:2638::3
2a02:26f0:10e:29e::aa5
2a02:26f0:1700:11::b856:679c
2a02:26f0:1700:388::11a6
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:149b
2a02:26f0:7100:59a::11a6
2a02:26f0:dc::6853:538
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42:400::300
2a04:4e42:400::729
2a05:d018:d29:3601:ebd:fba0:5325:a4e6
2a06:8640:764::2
2a06:98c1:3120::c
3.126.109.121
3.127.193.182
34.102.146.192
34.120.135.53
34.149.20.76
34.98.64.218
35.168.71.120
44.206.182.6
45.133.44.4
51.38.120.206
52.209.70.49
52.213.127.205
52.46.130.91
52.55.141.237
52.94.223.167
54.194.226.232
54.198.172.131
64.202.112.223
67.199.248.11
67.202.105.22
69.166.1.14
69.173.144.139
69.173.144.165
93.184.220.66
96.16.134.193
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
0170004a718387fce95146859083c72db0df41425ec06c63d9e63e28d667102a
0224fb2109bd94d1df164cfc48f776f5ed760fc77b2598c36f451b620a4d8606
0369a4dc49c5d2d0633a1b966e8b1071b05279fddda61e151661b3307656a9f7
03c6dfd41e6fb9a5dec5e2467e3846a72c8001f62068b65f5fb635aed338aea8
03d8d375110f1a0305d787365607af49c29229381a092d932a2d63661d2de837
042e02b2727e7c97a463361c322a8c85143ccdcdc62025c618b1790c3a7f3a14
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
060cde88720645d0405c137b4511a6e7b72460f154a7484db6b52f7569e3db84
07e8ed6d8e42822430361190b95fbc0a91620258b499041efe94578ead944eb1
095d10dea91ef5152455a48e6a4005aebba2c570c37b7bab37ce5bbfbe693b4f
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc132d8f8081cd306b286f39d079ec760ec04ba766f59ccd8d019bb13fba698
0c172dad51094a7b2d6ef406709ba7b3d58a395c89763e2b4883a842e3dcfcc6
0d3b7f8dd08eeca6b81b56d24d70d323152727d6ec683d728e2463abae38a55c
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e0bceace75c4b5d1524ad4d542a9ff7c0c720e5a604d7edd034a3d1aed83e72
0f8f6059a89bef196156d9e5eba3bf4b6e11b7d15b6653e2c8e126d970937a79
10197f94d9817fdfd829db9b169f148e26304252f03761476d0c859b2a2d9945
1097241a15d3aae26d1191cd8d5d463d479149d21c8306c712ca2f8c559945b8
1171885a6d2ab2eb72e3b49ed9c235b20ebf1d45b20d1535730c19b073806768
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
12b00dd2ef9e72b1cf20247b7312dc9c8618f0be4fadac78210fd43a1cd96a53
130781ade399ad93ebf0206597df48a05924bad1cfe8dd33c2ee059940b66cf9
17b100a07eaf050f9955f6ded96ceac0cec7bf008cb3fc78e32fb70af65eaf7e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1963f6ba3fb5c0fe5ea91c5156292beb8dfddee3e14bb995185f5b440dd9f0af
19f71a629871e89dc309b963bf234769101f4c114d59b9335c7a15891821e03c
1c44b83641d89369d15020687d8873861e9e5e6551949ad51f7df60aa5cb65d3
1d0cb525db1d96aeb176ff1f95275446dc1fcc4235d7e650764127a172b7d634
20a7d63f70f482fc54390f4ffa8187d77c4aab17ac34c37e6c103fc6a9478610
216ab875fa885a14732c20391ec3e00200ea7dfd1cc15f5d9c599df3c13268d0
21cacca8e9eb98f1f32702b4176685f2f941af51ab5bc7cf88ccb5435a1bb080
22f7e3e08adf9cb1289dc5a96a107f086ddaab4fcb4e3a09a1ddc4a0f38ac9d4
23091133c2c9c43412cf7ee8e2471a7cba775e981334be7d13b0d78d9babc5a9
24561fe775c2aa05376c741a39d56f0de51734139f34cd6dd9c8b302f3b46d19
248ed2a5398bab8ebc5cc6e24fa1478c6d45926ac9562881bebbc5a6d1650d71
24f0c4642edae63967906dbe11fc175e5bc80df77e543eda7a76c261a8b884b2
264a4152036cf4c4deba274551e5faa60e993d776a249c58bcd5fff71d3f59ef
2a536619d5ea5e13d08259acd4e46d5e829f8e2e3935b0d9003b9b36d1589725
2a9f2b577571b539600643e3cd96e058e33aa48a47ed4afb6ae4f6989eb8c17a
2c79d7afce11aeae326c31014e7029e5234a98b5282c6fb8a83d3b5efaa3f250
2c97cf46eba9175dacef3b2f48dbc995bfb45c10252f04c54373d3e9c3cac24c
2cb0b567a460d1ad8cda6eb7df264e6070ff50f9cc54548b81b07ab44671aa9e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f0dd8ca4aa9fb6b68aee8d9ec46d7c9a89c094c0c33d1c96158130e7a28440f
30235be1a8cb2c0b43d75136c68490e0cb2c16c5c43c6d2b0e755bf97145c4d6
305077dee7fbda679e06c0f1414df9f1dde1253340dfa5fe263982423e2dc5eb
322efa9e492ebacc0990d1417a92af7eb0eb5bce6893dbd49afeb0cd9756f654
32c7487cc816da6071ed8bbf4e16a231480f3e00b627e298b1324f8a440b9908
32e00962cfd34e078948b07cee9f43a7176fdc2acc8df0e81926c2359ae0b689
338390ac7aee8a2420466a23996b69fc156c9ae7fac1b1853eb07b9b8b6d7614
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
34d7ecd8274df6ec57884dfcdfcd0ae24aed20ec59f0624de787d125b2a8c4be
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36d912aa32e54f106262e662f94ec237f079b136ae5a5f32e2ce14c288f35f7d
39622f531bbc4655d83f6327dcb71f76fe58eb162c23c0b0053040a67819e06a
3988f57751937ac8f5ceb338d62672d4f6ae1b8dfdbb969c651adf3184ef830d
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3b57856220502463404208797101b5694691dd36e30354f5ff57bc144fd611d9
3d59c38f29219076d85b1a323bebc72fdf2079d419107a935516a516a82551a9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3db1711b708e98ad42b7764a019342259e8c5c8fd4d4602fadd8e28b69f0200a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb72c22ba0124e76182f180a32d33f38a27128da47a0670f7a1dfdf5c4fb327
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
40b236f82ab80f86a107f3f515f08efd59e273ef9120c58ef6f1f92c5a59676f
41942ecaeced47f7b84d0620385f3f4f23ff0051b5661c3d8d7e7dcfc789775b
41ab731b25c3f7e4f6cc350774a28353c667e79774622a915f8b16b7897ecc4f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45c9f6c4c1c609431b85381ca2349a8675423302b3be7451f5436d64048ee2a8
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
46e9d1aeae4d179df6713026d79079064638720bfbf53a6e766f89d90bb0fb28
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4ac3537cc63f1ad2b631472037e21dfa41ac9a3fb91f567ba312bb7b1ef55759
4cc3aa296e490c4345a5746b895a922cdead09f111a80b38a2d2ca97f19ab634
4d587885f84d5f0b3287ee5a85401c1fd06b7a79bb62fbec528ce26585f85852
4d82fea90c3639220ab27bc1d7af09cf28d8c415f5c79243ac12cbe267ecfc2b
4fed3488b948079beb8ee72478122cd2d04a753f443f89b6d871a0a746c933e4
500b1cb2d9aed655f5bc0eb0313a6ebf75d3613e94b2234a60f532eea7e51590
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
518a60fee17316c05108a084582854df899339bb298832856af1f7f2737fb768
51e17e3f5e6852ad0460fdb853ad606b6a686fbc52314015748c2510bbb4d91b
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
52bcc52d907f346ed5c8e6b599e3864bb795340197fe0668811d5b803fb378e7
535a4d426da3073b60ad8ba99cdad68b05fecd9a3ea84c42460ff765afdd4a2f
53c98c58cb94c28d139be3e9cf2213247e3e61ba4e83f59d7911155bd764775a
53db8744f964bd8338726486cd2c63a5e5a14af83d9e5553b35ec69fcc184ac4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
548ff995b93f8f32334747b861c74a4dc11d6624456679485d6d4a6930d39b67
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ebf9588688f321924d70912ae583ac891ce5a72bf13bf8b4982eb3a670b773
5739c73aae8dcd2db9eeb6bcb168da14cdf299a4e9bda32165ff45ac27e931c5
57d991857048a5599b4855dc7d67079cc556e2ebfef75189b89d6e5fc82a40a9
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5c08c3ef96306e2c159d7bf36d0180a90db79c97bb9905c0ba5e9a67f4477d77
5de21940b9c196fbe32c6df9084c26b88f9ae329642141a5a616c27b2ee90b3a
5eb141717f51c44f96058d241cfd4183c21632385e0b9fa1163ca9d8f7f606d2
5ece4398c41c452d1fb318c62936d1d73fffc2f6dfdf10ed988ac67113dee701
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f79d06810cf448519b18ccab3fdcc94a27457d67457c0ab90fc00708ef85245
5fb513268e641e680e8f2c0848af922f84c20368d1838b90655571cef9975b6f
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
6409a3197cf3c4dbdea7fe09e73ef51b077d98df9351aa3bee222cdc3d7e7160
64751a151c60076c950a230ac692ac7ae5ccef6a53dc14ae8d57a594f4156ed0
64e04671728c5e5887c139892fed16dd043c733c94628cc76be963389cae8952
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
6761a2a57e8b3e044cf26b1513291ca691dab6679913aadad03b36492533d382
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68130f5af465db2a91fee676da2cf20e4882de672632d70633131990990eff57
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6a5b11adf253955f0049d330b639f0598cadaec115854b6dfc4eb246dd8c8f92
6ad0665b8b1e41b73f4232e0c7940822116c2038cd2550897549d7f8a2bff668
6bc30e75c37bf18ef1ab4c691fa3cb3e8733f6c33bdd18d76e7c08c6d86040ee
6c4d51c996c96d360f456c632a2a8152c3f6ad80db759dbb23c11d41fcb93a07
6cc5a724429ce55a33d31524a887567f521cc0a55b3d8da7dcc16507b24ba309
6cd2c233f27a479e0b4edf3b28e6d92bacb174e2bc93adb6891848256df8502d
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7
74cf92918c890b284b78f091857714667c52d34e5839bcb245d593991a2783b1
757ad58c6b674c76006228159758edd7b77dd30ff9cd969f54ea94bbd2c31d94
75901c93894eb616d8c7a232bf58969dfa3899a4ddacdfcab0bb5d6e16ea28a2
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
792841a32ebf331ee6adcf3f7714ae9cca8cdf615fea08bee8f13d8a83dd8688
795c2a780c7e9955913c82355bec4c8e336a7514df8d658eaf87b240501dd5f1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7aaec8aac258488f936c7593200c31a39da99c6a77e0e2bce90d12941a35813f
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7da725a4e569fa51a7806d6dcb73dff629394df2c1139ddf1ec63b73cadbef67
7e5d5a059c7d1eca2b3bf6e72ce26282597bb69e0b8f5e58125acd1219dd3d47
7f4f75fb519a433c4dc8dcd6ba9749cfb7c4a21e4cda5d9daea541bacdc76d71
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8012966b8a4f19d12681d59aabafa32e1c7da3911235f19cda5fc555ef206e60
8029ad5fce3ad8d2ed1fc1c933833cebd9ff95aa00eca0f062d9aefa8ef7d107
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
824f4ca1a4d8e5d1bf711ba3923cf38a75916abb6e0af5e1e137852c108b7e83
82aacaa36fe3eea0f8da1687cc73a6d915e26f8fd971b375496376118b3752f6
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82fe05fc77d0f02c9637a4fcfa5d66c9e15dd7e84dbcdef250a9dd91ad055a81
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
8476e023a74cecf03e25daada89c02053cc89a021dee725e4ba195dfdadda1d0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8c44af787f51e875d3ecc44f5bb1989fce5aeeaa1a48cc0851aec4344b5e6d73
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8edc122b4af22856c447b956e3624e7eef46790989835e24ca05ca1724089a0a
8ef6d6383702bc06b134e946c269ece57f40b540882483d804cea173a235831c
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
90fb6f285e623bb5acd728f0422f99bc79c9f405374034703045cbd837c3349c
911a0d45a79db6dfb420d88c00c9d880a43706bb0e9130770ddc05b8e78c4eb5
9186fc11b2a687dd6fd7bb9ce6e5f03154f6d4a1361d8a6b4d0d40ad9edc9c13
927d2d0580e7860e0c91d4388b4d8b286344294b8f517fda6d3f9792d5048a41
93d3b17193dfc0e9b6d862ec0822a9ad1ef1cf745346d24ce7f74f84994e5412
9500a28c9236572133e8e9ee302ccc8bdbeda7be6e0c5ec45df237f09be12608
961dda22525572016c6103bc68c40c30dc924ad3fc17e079a4b9e6c5a2d5ed8d
976383215c7ae7404b7b6f795094d7c212d38f28fefec032f78a200a4d143daf
9aa1067c5719c299768661cb171ae512bf6fb17ab3f535e1557f1dd0830e7a1d
9be876fe63884efe9e4c2f3a0811823845c61f31ee14e012ec4529c11360c623
9ce5e5b6c6ceb76402d5d13a15ff17223de24c484c2f2efe7cdbee4ac0eab96e
9cef7f743987479022148931132527fe1b8712ea4949cae7a5e9b1b73884f9fb
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9ea455069ac1cb7e328fbf59cbd34b45362e161e8747f13c01a416c4c25f2ad5
9f853324be60f9bd240ae481ca815542154f5cc07530fa34531fabe726286869
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a3685b9d4693dfaf046bce791f9ac15ff0489c42fc38a7fb156ebb921db86421
a44b5727bd453959ba8f2ae37fd2359272b730ada09e80fb2a5bbffd086ef075
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4dfd75e64b982b6163e6017cb89ec6c5217197a8949330f58a6d1f6991bd541
a5d0212b57cd91453464ddb13dd3ce87ced642a8c2e68a5c62e5273dc79aad4a
a694dfbdef7cf57647736e00e5fa86338f3c644a66adb0fc20a2484af9646612
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e82da5ca4dbba958cd0b570a8b59ff123968e41bc6abdbe7ddf9dc97f3f7d5
a9e69f834d41d6286b7a5e97be78f9bfce63f3de2fa5bd5d46d03a1b86492878
aa0f38af9e138a9b67cf922ac3e99f6fbd1c85202d18f601f880aff3d3820df8
aafb3ee79dc18d6ddc6b5c5503dc051c6e89d25a801b243cd4310ce7e0eac5ba
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
aca9e5a67f06ff68ac7ced2031ef234afd2f20010451a904f25b8d4fcbfb04f8
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
af8cd4278b9717229c97e35d39e6387833877d6c35101b01745abc123289c463
afd6a5f6de40e9e67b55ff6afec66fff4827e775c996ab80c9e964a872a92523
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14e4c1038e23928a51053c536317284c3e7a422b189ebb9f20f0ca07e8eb7d3
b2e91321d1b560fe1ec1aba1374e92c5dd4c33b2abc0cdc6079b5b74894acd56
b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c
b65cb054005d10d68216cfe916090cd3f00f22ade446f60393a30bd9149534de
b6dfd98a35abdb3d4d3dea08afcc976378bb9fb6d0aa4debe4db058e8eaccc10
b8c6fa984ff3a7129c404fde0f79f0cb985e8c87c722874a0c947d160dd43e1b
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
b96868ee0f8c549224fc5b618409007b1cb3a9d1c6632a44cbb85eb809e0ff69
bae2a98cd5d5d8ef799bc29a6d713fb7be4286f61a1aa7bc787c8beaaafa1e79
bb34df5214a8b9cd7d9bfc120252b6fdb17b03a094692822637de21145cf3df5
bcac3bf87fa15538baecc11175568cd47945a0f3ea3c91d23daafe6423b56983
bf0166ff0311f716b559f386a8411a4b51e6e4b4102f1ecdd8b8eb460b4b86c7
c12140b4473f394cc528bb35f79e33d7c0fc900303ed5c207166516d6b60ece3
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c134f133fa2363c0a0c75e93bb0cc4d936ad47dc90f70caf4fccfc9bd46eb9e9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25a41beadb5afc68a4c4b2b1e94143ae0b6db7d3745640f4d55a62c2851e133
c2e808f7162307caeb58b376170c0bd27635d55183a3d0f055295d7ed2fa8313
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c501541554a9ee183ce8b26b610031b03b1ca5282a807d636527b92d42a4f393
c5d0df13260eb9ca7a752bbafa14b8435422c549b87dbce8958406942d59967d
c85e0b85afcd7c89b23adafe1e70845cdfa104a9a44e1f4899b76927172fcda0
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb9bc10b6366f9d1b1b9dc866c19e6dea87af407c8902fc3ddb9b632e370a2b9
cbdb4bc41004f97c6c9fa44c345648c0af599f2b5930abeb51c5be29d9c128ab
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d6f7ad41fd49182c64a8e99d2567ae6f550852bcd1afa1a85ec7c60d645909ef
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7be60bf9813429125aa4f823f1c1b0511f7d4dd7a9bb6617c700470d8884af1
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d896e9d0fc4c7e1ba109755cffc4416210cb2bb25df9eae39524828a876b2e4a
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbee566520ab716ccb3e3b219132886ca0d640afe3772a15bbbf7ef7a014f594
dd1e395622ba3b297d6f5b522f13c7ce1682dd5ae900513cb9abb2bebf5f2cf6
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfe606cc5fdf6135e40c7b9ad2138fa81d3fb6a5fa332007f29f1377b3c94063
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e13bf1e03cd72f04b8bb8cf6341a968a1a192fd350ebda1adef6bdeacf78930d
e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e28d361522da36d93bae9cb3d54c96027213cf23fc93c6a9b1613cad8846a9e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61765a17b8fbd58a6c2cb2bc3807751e762e5dfc8dcff3bc5d1614f15757bb9
e7ddb6a0e855c5e9ec7b21b5bddab044922ba7d768781a19466fd09eaf2547dd
e81bebe8ea7dfd1945b109a9fe486ecf3b8951306ad8d3f6691c29dc2ab3352d
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
edec56f1b9bf23561d3cc40e0b459a6a363e5e1f59ef50921100a84b0df52efd
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
f167523e2439e9cc65490e5fe063ee0d3a9ad7d890bf1f53c3194d5ab16c17e5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5b318376c54a718bcb2422a99b9a38435b3021e0871d7a0c1c4ad6a9f017b3d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f93eabed9db1894c7c76ceaaa899450f82a3f9e4a003b1753985ad35b2e86ce0
fa57a94de8815e3eda62b6878b021b55faf626888cbbf580de8a28ed84990a0d
fbc08716bf0cefb93b9b44ffaa0db4ec7507183ecd5f12143c79239d6baecaab
fcbd0a3ed071e8d2e2e880e8b73cd9e2560fd6fc54837804b86532393fac3246
fd7b76263428d15a209bea5abba0c2c72b29cc6e84337eda19de82bc61d1a8e6
fe41c6a5b98fa1a6c3f176661e1998e25f7426d3097b8cea5254409bc7176a30
fedbb98e0dadd4964896ee19251fbab829fcfb84fd7710ee7a56d5e87a7ac914
ff0cd27464af92ef4955485402b156bb4233559c2ec249d3f2e1672bd74d570c