newsdaymorenow.com Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/3yoBYZU#uvz47glEzz
Effective URL:
https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39...
Submission: On August 04 via manual (August 4th 2024, 11:05:24 pm UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 49 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is newsdaymorenow.com.
TLS certificate: Issued by WE1 on July 13th 2024. Valid for: 3 months.

This is the only time newsdaymorenow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	64.176.192.13 64.176.192.13	20473 (AS-CHOOPA) (AS-CHOOPA)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	23.45.98.104 23.45.98.104	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	151.101.128.238 151.101.128.238	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	34.160.236.44 34.160.236.44	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	173.236.251.200 173.236.251.200	26347 (DREAMHOST-AS) (DREAMHOST-AS)
2	45.77.73.12 45.77.73.12	20473 (AS-CHOOPA) (AS-CHOOPA)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d014:286... 2a05:d014:286:3501:53d0:7349:324c:7f92	16509 (AMAZON-02) (AMAZON-02)
22	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
49	12

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.176.192.13 (Piscataway, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 64.176.192.13.vultrusercontent.com

dvbghy.online-beauty-care.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.45.98.104 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-98-104.deploy.static.akamaitechnologies.com

assets.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.128.238 (San Francisco, United States) 2 redirects

ASN54113 (FASTLY, US)

static1.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.160.236.44 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 44.236.160.34.bc.googleusercontent.com

definitions.sqspcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.236.251.200 (Ashburn, United States)

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-kant.iad1-shared-b8-33.dreamhost.com

stevenlevithan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.77.73.12 (Miami, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 45.77.73.12.vultrusercontent.com

dhlbxrip.oliverneberry.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d014:286:3501:53d0:7349:324c:7f92 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

home.xreholor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

newsdaymorenow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	newsdaymorenow.com newsdaymorenow.com	802 KB
10	squarespace.com 2 redirects assets.squarespace.com — Cisco Umbrella Rank: 9585 static1.squarespace.com — Cisco Umbrella Rank: 9497	649 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	21 KB
3	sqspcdn.com definitions.sqspcdn.com — Cisco Umbrella Rank: 89721	4 KB
3	online-beauty-care.com dvbghy.online-beauty-care.com	109 KB
2	oliverneberry.info dhlbxrip.oliverneberry.info	802 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	165 KB
1	xreholor.com 1 redirects home.xreholor.com	2 KB
1	stevenlevithan.com stevenlevithan.com	2 KB
1	typekit.net use.typekit.net — Cisco Umbrella Rank: 1178	7 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 6373	457 B
49	11

	Domain	Requested by
22	newsdaymorenow.com	newsdaymorenow.com
6	assets.squarespace.com	dvbghy.online-beauty-care.com
4	static1.squarespace.com	2 redirects dvbghy.online-beauty-care.com
3	definitions.sqspcdn.com	dvbghy.online-beauty-care.com
3	dvbghy.online-beauty-care.com	dvbghy.online-beauty-care.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	dhlbxrip.oliverneberry.info	dvbghy.online-beauty-care.com
2	www.googletagmanager.com	dvbghy.online-beauty-care.com www.googletagmanager.com
1	home.xreholor.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	stevenlevithan.com	dvbghy.online-beauty-care.com
1	use.typekit.net	dvbghy.online-beauty-care.com
1	bit.ly	1 redirects
49	13

This site contains no links.

Subject Issuer	Validity	Valid
online-beauty-care.com R11	`2024-07-29` - `2024-10-27`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
*.squarespace.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-10` - `2025-06-10`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
definitions.sqspcdn.com WR3	`2024-07-24` - `2024-10-22`	3 months	crt.sh
www.stevenlevithan.com R10	`2024-07-20` - `2024-10-18`	3 months	crt.sh
newsdaymorenow.com WE1	`2024-07-13` - `2024-10-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
Frame ID: D306BBABA76DE8188850B23EF33348D2
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Revolutionary Pain Relief Product

Page URL History Show full URLs

http://bit.ly/3yoBYZU HTTP 307
https://bit.ly/3yoBYZU HTTP 301
https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade Page URL
http://dhlbxrip.oliverneberry.info/ HTTP 307
https://dhlbxrip.oliverneberry.info/ HTTP 307
http://dhlbxrip.oliverneberry.info/ Page URL
http://home.xreholor.com/go/ec7c1f12-68ec-48df-8644-d02378f364a5?subid=ver61 HTTP 307
https://home.xreholor.com/go/ec7c1f12-68ec-48df-8644-d02378f364a5?subid=ver61 HTTP 302
https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc13... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

49
Requests

86 %
HTTPS

38 %
IPv6

11
Domains

13
Subdomains

12
IPs

3
Countries

1760 kB
Transfer

5717 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/3yoBYZU HTTP 307
https://bit.ly/3yoBYZU HTTP 301
https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade Page URL
http://dhlbxrip.oliverneberry.info/ HTTP 307
https://dhlbxrip.oliverneberry.info/ HTTP 307
http://dhlbxrip.oliverneberry.info/ Page URL
http://home.xreholor.com/go/ec7c1f12-68ec-48df-8644-d02378f364a5?subid=ver61 HTTP 307
https://home.xreholor.com/go/ec7c1f12-68ec-48df-8644-d02378f364a5?subid=ver61 HTTP 302
https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://bit.ly/3yoBYZU HTTP 307
https://bit.ly/3yoBYZU HTTP 301
https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade

Request Chain 10

https://static1.squarespace.com/static/versioned-site-css/642af15dc8f46735c551b47c/348/5c5a519771c10ba3470d8101/642af15dc8f46735c551b496/1489/site.css HTTP 301
https://static1.squarespace.com/static/versioned-site-css/642af15dc8f46735c551b47c/348/5c5a519771c10ba3470d8101/642af15dc8f46735c551b496/1545/site.css HTTP 301
https://static1.squarespace.com/static/versioned-site-css/642af15dc8f46735c551b47c/348/5c5a519771c10ba3470d8101/642af15dc8f46735c551b496/1550/site.css

Request Chain 21

http://dhlbxrip.oliverneberry.info/ HTTP 307
https://dhlbxrip.oliverneberry.info/ HTTP 307
http://dhlbxrip.oliverneberry.info/

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
dvbghy.online-beauty-care.com/
Redirect Chain

http://bit.ly/3yoBYZU
https://bit.ly/3yoBYZU
https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade

176 KB
36 KB

384ms
183ms

Document
text/html

64.176.192.13
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.176.192.13 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 64.176.192.13.vultrusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 75d81f39ddf3e1d6a3aa0c17a47312711f33280f25ad4dc1d1138230df251a94

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 04 Aug 2024 23:05:15 GMT
ETag: W/"66a80aec-2be26"
Last-Modified: Mon, 29 Jul 2024 21:34:36 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 143
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Sun, 04 Aug 2024 23:05:15 GMT
location: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade
referrer-policy: unsafe-url
server: nginx
via: 1.1 google

GET
H2 200 3CF4mLGM-8DyvFnX8MbsD93keQ62b03W7dP3h-MdX-vfeGCBfFHN4UJLFRbh52jhWDjXwcBcwQmqjDycF2jawDmRFQ9UjRbajU7zMkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0SaBujW48SagyjhmDjhy8Z... Show response
use.typekit.net/ik/ 19 KB
7 KB 52ms
10ms Script
text/javascript 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ik/3CF4mLGM-8DyvFnX8MbsD93keQ62b03W7dP3h-MdX-vfeGCBfFHN4UJLFRbh52jhWDjXwcBcwQmqjDycF2jawDmRFQ9UjRbajU7zMkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0SaBujW48SagyjhmDjhy8ZYmC-Ao1OcFzdP37O1sydAqlZcBudel0ZWJlZemD-Ai0OQSUO1FUiABkZWF3jAF8OcFzdPUyjamTiY8Djhy8ZYmC-Ao1OcFzdPUyjamTiY8Djhy8ZYmC-Ao1Oco8ifUySkolZPUCdhFydeyzSabCSaBujW48SagyjhmDjhy8ZYmC-Ao1OcFzdPUXjAuTOAZyiAUndcmkOAs8Sh81dKXawPoDSWmyScmDSeBRZPoRdhXCieBl-AZyiAUndcmkZemD-Ai0OcFzdPUaiaS0jAFu-WsoShFGZAsude80ZkoRdhXCiaiaOcBRiA8XpWFR-emqiAUTdcS0dcmXOYiaikoySkolZPUaiaS0SaBujW48SagyjhmDjhy8ZYmC-Ao1OcFzdPUaiaS0ieBl-PucjWmC-ho8SKuqZWFTZhtlFDI0SaBujW48Sagyjh90jhNlOYiaikoXjAuTZcBudel0ZW4qZWFTZht0jhNlJy4RjAoyZeIliY83ZPu1-A4DdhtKgcizSey8SKJVjcBD-hmkic8Cde9liW4aH6GJniJfIMMjMkMfH6GJGntgIMMjgfMfH6GJnNJfIMMjgPMfH6GJ1dtgIMMjgkMfH6GJnlJfIMMj2PMfH6GJ1ntgIMMjIPMfH6GJ0N9fIMIjgPMfH6qJR8tbMy6IJMJ7fbKbWyMfeMS6MKG4f4FpIMJj2KMfH6qJ88tbMy6sJMHbMizt3-Ie.js

Requested by

Host: dvbghy.online-beauty-care.com
URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

5ce9b229ed1ab94ba13694e358835366676a651cb178808fa37a8b7f2f61d16a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://dvbghy.online-beauty-care.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Sun, 04 Aug 2024 23:05:15 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7005

GET
H/1.1 200
OK modern.js Show response
assets.squarespace.com/@sqs/polyfiller/1.6/ 115 KB
42 KB 50ms
11ms Script
text/javascript 23.45.98.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
Requested by: Host: dvbghy.online-beauty-care.com
URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.98.104 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-98-104.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75

Request headers

Referer: https://dvbghy.online-beauty-care.com/
Origin: https://dvbghy.online-beauty-care.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 23:05:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 21:19:57 GMT
Server: UploadServer
ETag: "fe0d53a94823df972dbf107bf190771a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42447
Expires: Mon, 05 Aug 2024 00:05:15 GMT

GET
H/1.1 200
OK extract-css-runtime-085db6190188ea6a4cbb-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 44 KB
20 KB 15ms
15ms Script
text/javascript 23.45.98.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-085db6190188ea6a4cbb-min.en-US.js
Requested by: Host: dvbghy.online-beauty-care.com
URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.98.104 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-98-104.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: d15b1af11b313182295decc472ce75f1e670402e2d9e31e05c188bb2f2933674

Request headers

Referer: https://dvbghy.online-beauty-care.com/
Origin: https://dvbghy.online-beauty-care.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 23:05:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Feb 2024 22:08:53 GMT
Server: UploadServer
ETag: "20cb39f74295e4c1d4bbb85309a17951"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19569
Expires: Mon, 05 Aug 2024 00:05:16 GMT

GET
H/1.1 200
OK extract-css-moment-js-vendor-675f9459672cf966ca51-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 1 MB
126 KB 9ms
9ms Script
text/javascript 23.45.98.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-675f9459672cf966ca51-min.en-US.js
Requested by: Host: dvbghy.online-beauty-care.com
URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.98.104 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-98-104.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: c93034799cbdc326dfa0a15611fc53eb1a275da029699f572ef44c0eadf0e009

Request headers

Referer: https://dvbghy.online-beauty-care.com/
Origin: https://dvbghy.online-beauty-care.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 23:05:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jan 2024 13:43:11 GMT
Server: UploadServer
ETag: "8a73ca86c3ee1d3623aa08f264f43796"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128742
Expires: Mon, 05 Aug 2024 00:05:16 GMT

GET
H/1.1 200
OK cldr-resource-pack-a682f7ad337741eb05d6-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 122 KB
25 KB 13ms
13ms Script
text/javascript 23.45.98.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-a682f7ad337741eb05d6-min.en-US.js
Requested by: Host: dvbghy.online-beauty-care.com
URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.98.104 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-98-104.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: b2dc64332543a27c53be61d049e7e74d40740b2aa60d4708793944afa54ecc54

Request headers

Referer: https://dvbghy.online-beauty-care.com/
Origin: https://dvbghy.online-beauty-care.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 23:05:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Dec 2023 01:42:13 GMT
Server: UploadServer
ETag: "85b875f9fdc87e56b8f63608c90f9fe8"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24926
Expires: Mon, 05 Aug 2024 00:05:16 GMT

GET
H/1.1 200
OK common-vendors-stable-f9df4447a2af25df5875-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 240 KB
80 KB 9ms
9ms Script
text/javascript 23.45.98.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-f9df4447a2af25df5875-min.en-US.js
Requested by: Host: dvbghy.online-beauty-care.com
URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.98.104 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-98-104.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: a35bbf88a5d660ec5bac590a84a8d84fe57026fd1edbeeeb9469a7a42962f2a0

Request headers

Referer: https://dvbghy.online-beauty-care.com/
Origin: https://dvbghy.online-beauty-care.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 23:05:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Dec 2023 01:39:46 GMT
Server: UploadServer
ETag: "56ee1cd95f0ed758feed83782291ef62"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81919
Expires: Mon, 05 Aug 2024 00:05:16 GMT

GET
H/1.1 200
OK common-vendors-eecad2af0a4a98e2d12e-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 625 KB
189 KB 155ms
155ms Script
text/javascript 23.45.98.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-eecad2af0a4a98e2d12e-min.en-US.js
Requested by: Host: dvbghy.online-beauty-care.com
URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.98.104 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-98-104.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: b42b1e13b569fb06f55beffa68cf0ab61a86556e2f413b50e30a582cf8db1ceb

Request headers

Referer: https://dvbghy.online-beauty-care.com/
Origin: https://dvbghy.online-beauty-care.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 23:05:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Feb 2024 20:19:39 GMT
Server: UploadServer
ETag: "2ceb8eb247c8ea3beeb50325182d2671"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 192968
Expires: Mon, 05 Aug 2024 00:05:16 GMT

GET common-5ca31a713e96e0d73f70-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ 0
0

GET performance-2e5b687b721ed94b30f5-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ 0
0

GET
H2

200

site.css
static1.squarespace.com/static/versioned-site-css/642af15dc8f46735c551b47c/348/5c5a519771c10ba3470d8101/642af15dc8f46735c551b496/1550/
Redirect Chain

https://static1.squarespace.com/static/versioned-site-css/642af15dc8f46735c551b47c/348/5c5a519771c10ba3470d8101/642af15dc8f46735c551b496/1489/site.css
https://static1.squarespace.com/static/versioned-site-css/642af15dc8f46735c551b47c/348/5c5a519771c10ba3470d8101/642af15dc8f46735c551b496/1545/site.css
https://static1.squarespace.com/static/versioned-site-css/642af15dc8f46735c551b47c/348/5c5a519771c10ba3470d8101/642af15dc8f46735c551b496/1550/site.css

1 MB
123 KB

266ms
265ms

Stylesheet
text/css

151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/versioned-site-css/642af15dc8f46735c551b47c/348/5c5a519771c10ba3470d8101/642af15dc8f46735c551b496/1550/site.css

Requested by

Host: dvbghy.online-beauty-care.com
URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade

Protocol

Server

151.101.128.238 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

69da1567f423378aa33db396427d5207cd39639ee5cd1d67c7999e795731f127

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dvbghy.online-beauty-care.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

tracepoint: Fastly
date: Sun, 04 Aug 2024 23:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 64059
x-cache: HIT, MISS
x-contextid: 3eP6sPBZ/YImiach8
content-length: 126221
x-served-by: cache-dfw-kdal2120114-DFW, cache-mad2200143-MAD
pragma: cache
server: Squarespace
x-timer: S1722812716.154615,VS0,VE234
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 253, 0

Redirect headers

tracepoint: Fastly
date: Sun, 04 Aug 2024 23:05:16 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 0
x-cache: HIT, MISS
x-contextid: bDn5Tn4L/2CNUjFH6
content-length: 0
x-served-by: cache-dfw-kdal2120118-DFW, cache-mad2200143-MAD
server: Squarespace
x-timer: S1722812716.906944,VS0,VE215
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
location: /static/versioned-site-css/642af15dc8f46735c551b47c/348/5c5a519771c10ba3470d8101/642af15dc8f46735c551b496/1550/site.css
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 251, 0

GET
H/1.1 200
OK plugin-sidebar.css
dvbghy.online-beauty-care.com/s/ 176 KB
36 KB 159ms
122ms Stylesheet
text/html 64.176.192.13
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://dvbghy.online-beauty-care.com/s/plugin-sidebar.css
Requested by: Host: dvbghy.online-beauty-care.com
URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.176.192.13 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 64.176.192.13.vultrusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 75d81f39ddf3e1d6a3aa0c17a47312711f33280f25ad4dc1d1138230df251a94

Request headers

Referer: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 23:05:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jul 2024 21:34:36 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"66a80aec-2be26"
Transfer-Encoding: chunked
Content-Type: text/html
Connection: keep-alive

GET
H/1.1 200
OK plugin-sidebar.js Show response
dvbghy.online-beauty-care.com/s/ 176 KB
36 KB 375ms
192ms Script
text/html 64.176.192.13
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://dvbghy.online-beauty-care.com/s/plugin-sidebar.js
Requested by: Host: dvbghy.online-beauty-care.com
URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.176.192.13 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 64.176.192.13.vultrusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 75d81f39ddf3e1d6a3aa0c17a47312711f33280f25ad4dc1d1138230df251a94

Request headers

Referer: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 23:05:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jul 2024 21:34:36 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"66a80aec-2be26"
Transfer-Encoding: chunked
Content-Type: text/html
Connection: keep-alive

GET
H2 200 js
www.googletagmanager.com/gtag/ 208 KB
75 KB 64ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-100291386-1

Requested by

Host: dvbghy.online-beauty-care.com
URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://dvbghy.online-beauty-care.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76541
x-xss-protection: 0
last-modified: Sun, 04 Aug 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 04 Aug 2024 23:05:16 GMT

GET
H2 200 website.components.shape.styles.css
definitions.sqspcdn.com/website-component-definition/static-assets/website.components.shape/a91d4cbf-f709-4a29-bf4e-c7faad211fdc_6/ 946 B
1 KB 177ms
141ms Stylesheet
text/css 34.160.236.44
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://definitions.sqspcdn.com/website-component-definition/static-assets/website.components.shape/a91d4cbf-f709-4a29-bf4e-c7faad211fdc_6/website.components.shape.styles.css
Requested by: Host: dvbghy.online-beauty-care.com
URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.44 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 44.236.160.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6e23ff27df9290805e03ac71924e849f1a146856c6bc4ed336ee4da6adc1ebd9

Request headers

Referer: https://dvbghy.online-beauty-care.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:15 GMT
x-guploader-uploadid: AHxI1nMbackDRkNcMMg-En9lguArZEeM3OK7We6EzCx-RdkxwflWZMhOMfMtIVTSba2nGXDNTSm8uAVm_g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 946
last-modified: Mon, 29 Jan 2024 20:44:52 GMT
server: UploadServer
etag: "d1546d4874aff2a0c192284ae156d315"
x-goog-generation: 1706561092042289
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=h/KWSw==, md5=0VRtSHSv8qDBkihK4VbTFQ==
cache-control: public,max-age=31622400
x-goog-stored-content-length: 946
accept-ranges: bytes

GET
H2 200 website.components.shape.handlers.js Show response
definitions.sqspcdn.com/website-component-definition/static-assets/website.components.shape/a91d4cbf-f709-4a29-bf4e-c7faad211fdc_6/ 196 B
446 B 16ms
15ms Script
application/javascript 34.160.236.44
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://definitions.sqspcdn.com/website-component-definition/static-assets/website.components.shape/a91d4cbf-f709-4a29-bf4e-c7faad211fdc_6/website.components.shape.handlers.js
Requested by: Host: dvbghy.online-beauty-care.com
URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.44 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 44.236.160.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0578538dc54e61fb8eec8c8651c1ad25e2dafc3c620ba3dd0d8a76a3613ceb72

Request headers

Referer: https://dvbghy.online-beauty-care.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 16:35:59 GMT
age: 196157
x-guploader-uploadid: AHxI1nPXQxS5yiM_JOVzYQO4-NtxAFdFw1Vd1DybyTqUfdD0zaVfkGCl4YGtdFGr381MtBqyhAc2fLeSUA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 196
last-modified: Mon, 29 Jan 2024 20:44:52 GMT
server: UploadServer
etag: "235bfe7d977ccb8e0d39aedb3185ef54"
x-goog-generation: 1706561092269127
x-goog-hash: crc32c=U6QEqQ==, md5=I1v+fZd8y44NOa7bMYXvVA==
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31622400
x-goog-stored-content-length: 196
accept-ranges: bytes

GET
H2 200 website.components.shape.visitor.js Show response
definitions.sqspcdn.com/website-component-definition/static-assets/website.components.shape/a91d4cbf-f709-4a29-bf4e-c7faad211fdc_6/ 6 KB
3 KB 16ms
16ms Script
application/javascript 34.160.236.44
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://definitions.sqspcdn.com/website-component-definition/static-assets/website.components.shape/a91d4cbf-f709-4a29-bf4e-c7faad211fdc_6/website.components.shape.visitor.js
Requested by: Host: dvbghy.online-beauty-care.com
URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.44 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 44.236.160.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e7d3ad5f874de2b39a0652ec4d213240fd37d7fedeb73ba9e83632b80c8ee8a2

Request headers

Referer: https://dvbghy.online-beauty-care.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:49:04 GMT
content-encoding: br
age: 101772
x-guploader-uploadid: AHxI1nOaBznbeVjQq1Q1bqo-8kcGo8GfJxy0yqJBQoN-tS1C9gpi9oPNLGtGUGQ8e-PJZOHf_U65qA-lWQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2376
last-modified: Mon, 29 Jan 2024 20:44:52 GMT
server: UploadServer
etag: W/"b6e91de3d4dc814da292e1a785be2ced"
vary: Accept-Encoding
x-goog-generation: 1706561092507606
x-goog-hash: crc32c=OruuZw==, md5=tukd49TcgU2ikuGnhb4s7Q==
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31622400
x-goog-stored-content-length: 6137
accept-ranges: none

GET static.css
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1706811132467-QIR6O63RE5GI9HXI9ESJ/ 0
0

GET
H2 200 site-bundle.b502231aaf751bf844c833e9880528bf.js
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 176 KB
43 KB 33ms
33ms Script
application/javascript 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.b502231aaf751bf844c833e9880528bf.js

Requested by

Host: dvbghy.online-beauty-care.com
URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.238 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dvbghy.online-beauty-care.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

tracepoint: Fastly
date: Sun, 04 Aug 2024 23:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 1151700
x-cache: HIT, HIT
x-contextid: t33sm3EY/4V6JJnzA
content-length: 43703
x-served-by: cache-dfw-kdal2120120-DFW, cache-mad2200143-MAD
pragma: cache
server: Squarespace
x-timer: S1722812717.505812,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3150, 0

GET
H2 200 date.format.js Show response
stevenlevithan.com/assets/misc/ 4 KB
2 KB 533ms
101ms Script
application/javascript 173.236.251.200
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stevenlevithan.com/assets/misc/date.format.js
Requested by: Host: dvbghy.online-beauty-care.com
URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.236.251.200 Ashburn, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-kant.iad1-shared-b8-33.dreamhost.com
Software: Apache /
Resource Hash: 00aa9bf334f2cc56c4e3485e2b8e4f0586f213c2ecdb1024281e532c4a1a94f5

Request headers

Referer: https://dvbghy.online-beauty-care.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:16 GMT
content-encoding: gzip
last-modified: Mon, 22 Feb 2021 23:16:51 GMT
server: Apache
etag: "fab-5bbf4ff2f5215-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1827
expires: Tue, 03 Sep 2024 23:05:16 GMT

GET static.css
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1706811132467-QIR6O63RE5GI9HXI9ESJ/ 0
0

GET
H/1.1

200
OK

/ Show response
dhlbxrip.oliverneberry.info/
Redirect Chain

http://dhlbxrip.oliverneberry.info/
https://dhlbxrip.oliverneberry.info/
http://dhlbxrip.oliverneberry.info/

125 B
401 B

120ms
120ms

Document
text/html

45.77.73.12
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: http://dhlbxrip.oliverneberry.info/
Requested by: Host: dvbghy.online-beauty-care.com
URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade
Protocol: HTTP/1.1
Server: 45.77.73.12 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.77.73.12.vultrusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 08044c35450c63bd13217c8637cb003bf10ee36bd7853e99eaacd10e901805ee

Request headers

Referer: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade#uvz47glEzz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 04 Aug 2024 23:05:19 GMT
ETag: W/"656d6b9e-7d"
Last-Modified: Mon, 04 Dec 2023 06:03:10 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

Location: http://dhlbxrip.oliverneberry.info/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 js
www.googletagmanager.com/gtag/ 256 KB
90 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H2LXWD7E3M&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-100291386-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://dvbghy.online-beauty-care.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92013
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Aug 2024 23:05:16 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 52 KB
21 KB 85ms
26ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-100291386-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dvbghy.online-beauty-care.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 04 Aug 2024 22:15:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3013
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 05 Aug 2024 00:15:03 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 52ms
18ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H2LXWD7E3M&gtm=45je47v0v9113976558za200&_p=1722812716489&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=1092530434.1722812717&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1722812716&sct=1&seg=0&dl=https%3A%2F%2Fdvbghy.online-beauty-care.com%2F%3Frorsddwpyldsqhade&dt=BATHROOM%20REMODELS%20-%20FLOOR%20PLANS%20AND%20DESIGN%20SOLUTIONS%20%E2%80%94%20Tami%20Faulkner%20Design&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1672
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H2LXWD7E3M&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://dvbghy.online-beauty-care.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 23:05:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dvbghy.online-beauty-care.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/j/ 1 B
216 B 30ms
30ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=34414423&t=pageview&_s=1&dl=https%3A%2F%2Fdvbghy.online-beauty-care.com%2F%3Frorsddwpyldsqhade&ul=de-de&de=UTF-8&dt=BATHROOM%20REMODELS%20-%20FLOOR%20PLANS%20AND%20DESIGN%20SOLUTIONS%20%E2%80%94%20Tami%20Faulkner%20Design&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=519104744&gjid=509111557&cid=1092530434.1722812717&tid=UA-100291386-1&_gid=1651734095.1722812717&_r=1&gtm=457e47v0za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250752&did=dZjQwMz&gdid=dZjQwMz&jsscut=1&npa=1&z=825004158

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dvbghy.online-beauty-care.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 23:05:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dvbghy.online-beauty-care.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

Primary Request / Show response
newsdaymorenow.com/2023-12-25/cbd2/
Redirect Chain

http://home.xreholor.com/go/ec7c1f12-68ec-48df-8644-d02378f364a5?subid=ver61
https://home.xreholor.com/go/ec7c1f12-68ec-48df-8644-d02378f364a5?subid=ver61
https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%...

69 KB
12 KB

176ms
129ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e118e6c9633a70e62c7d279a9fd4233c4f0091cfe964174bf6b0d008e678591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dhlbxrip.oliverneberry.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ae2310acc0d9a2a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 04 Aug 2024 23:05:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mxlv8I7oMYv8N2BkmaSECjKTyEEsvUORMcY8Y8rWg8JYa0IpvAOddP0aZkXcosw3bgAjpO5xhuIrNbPgKIkFQu3zO0jV1YPKbccKUdaUleEEUNKZcVLMGDKFmPf4RKTpQgBf7Z4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
cache-control: no-cache
content-length: 646
content-type: text/html; charset=utf-8
date: Sun, 04 Aug 2024 23:05:19 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
server: openresty
vary: Accept
x-response-time: 12.636ms

GET
H/1.1 200
OK favicon.ico
dhlbxrip.oliverneberry.info/ 125 B
401 B 120ms
120ms Other
text/html 45.77.73.12
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: http://dhlbxrip.oliverneberry.info/favicon.ico
Protocol: HTTP/1.1
Server: 45.77.73.12 Miami, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.77.73.12.vultrusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: http://dhlbxrip.oliverneberry.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 23:05:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Dec 2023 06:03:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"656d6b9e-7d"
Transfer-Encoding: chunked
Content-Type: text/html
Connection: keep-alive

GET
H3 200 logo1.png
newsdaymorenow.com/2023-12-25/cbd2/images/ 2 KB
3 KB 392ms
391ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/logo1.png

Requested by

Host: newsdaymorenow.com
URL: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e3a510e5d2ecb768ab323e3cb1e882dbfd6de9a132e180b421bdcaa3d8f757b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2468
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:05:47 GMT
server: cloudflare
etag: "623b8bab-9a4"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CRCaOSssy398%2BUPrPk0Gh2OT8ic0mR7BKzF%2Bbc4yksiEEU4I50mHt0ZloMH9olJOKwxCB%2B9muqz8rJl%2ByL7tqoMbURGqh%2F9ZmUoFjD5KuHs7bvi9IJA0ab9OLsUqDFx21aAfu2k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bbcbb9a2a-FRA

GET
H3 200 dr-oz.jpg
newsdaymorenow.com/2023-12-25/cbd2/images/ 66 KB
66 KB 476ms
475ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/dr-oz.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f6b7b94c550f1d874f0ee65177ccff29a28b6eb59979b0c945482c5730c1917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 67392
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:05:56 GMT
server: cloudflare
etag: "623b8bb4-10740"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvzC9BnhwQzJCOfS2s4jw5tfniU4uPeXQlp5STx647G5cOH%2BYr1rht5srZU4fcBJS8rq08NQRM%2B3FmKJxwiMVB7M%2Fd8dUpXqJlA2Z0ALKtGCGaBJQntPw8rfeacsFLz0N8MzFKk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bbcbc9a2a-FRA

GET
H3 200 1311c4b250ddf499f21d1f912991c2f3.jpg
newsdaymorenow.com/2023-12-25/cbd2/images/ 34 KB
34 KB 147ms
146ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/1311c4b250ddf499f21d1f912991c2f3.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c17503ea9ce583a0ac53f3b84d2f52d9024d67517eb7944ddeb88f7671118221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 34731
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:06:15 GMT
server: cloudflare
etag: "623b8bc7-87ab"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VxzUpMb1xre9JbSWQDfZNLBIGvx1XCaXU6TEw5gm7x%2FItGdUwD2dFRQYqr2hoIfqS7QIztJk7hXA%2Fou1GxsQbwWPFPyUrL%2FIy33EJUNUjWzvH%2FdDHoUZsvdywc%2BcPRFYIvhD%2BG8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bdccd9a2a-FRA

GET
H3 200 CBD-Oil-Testimonial-for-My-Panic-Attack-and-Social-Anxiety-263x300.jpg
newsdaymorenow.com/2023-12-25/cbd2/images/ 11 KB
12 KB 379ms
377ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/CBD-Oil-Testimonial-for-My-Panic-Attack-and-Social-Anxiety-263x300.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d678ef3be23de7abda1ee74fb7e637d43fc2faa2138d76d7605909fd6094194

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 11361
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:06:27 GMT
server: cloudflare
etag: "623b8bd3-2c61"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bCZiNsSWWhIteGfHg%2FwFI0s5zgqg1MgdPq%2FiJ0V6RKo85kjzmxiAEfmrDtBalzx%2B83BTMCCls%2Fg1GxbO11%2FRj5%2BHCj71PLAl0GklDO4sYyVo6L3ZO%2F6PLfFu6eWI48dvsfdcVS8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bdcce9a2a-FRA

GET
H3 200 HappyHACCMan.jpg
newsdaymorenow.com/2023-12-25/cbd2/images/ 8 KB
8 KB 382ms
380ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/HappyHACCMan.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b992444640ab3904a64161709d136f66d891915ef72f307e795fb4e41417a5bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8214
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:06:34 GMT
server: cloudflare
etag: "623b8bda-2016"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ucSe%2FnAjojkw7xVC%2BpJ5EnV0KR%2BLjBhmPulpemIcA1rd0N6vRqcsM5BBCFwnEUjUW6QrfgLSz%2FcpdlVLqHe%2BcWGIm75RLuWABSkuhdk395XsW%2BSwGTsrwuGAs6STUiwPpMFU8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bdccf9a2a-FRA

GET
H3 200 sam-elliott-e1557189275471.jpg
newsdaymorenow.com/2023-12-25/cbd2/images/ 15 KB
16 KB 374ms
372ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/sam-elliott-e1557189275471.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d945be899939262150404f637f03ea8ba19da02a26139c5e9607065efc12ba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15679
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:06:44 GMT
server: cloudflare
etag: "623b8be4-3d3f"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7uUOmfJ%2BsDRIM9sHDOhJ%2BRxVMXVLW0srwO7Uc%2BFC8Ul2g7OqILnYj9IKzhqnOzHJbM7Q8DxsFpQtGwHgEXJeE2i%2B8mK7JkQfmv%2FS1vxwtnmfH38ZwOIlIDA0H1vhHEaH0NIujLs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bdcd09a2a-FRA

GET
H3 200 694940094001_5850457368001_5850420935001-vs.jpg
newsdaymorenow.com/2023-12-25/cbd2/images/ 24 KB
25 KB 128ms
126ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/694940094001_5850457368001_5850420935001-vs.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd28c47d0904d31035d83290e4d4d130236b33ac7f50d77346255d107d32ce04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 24870
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:06:51 GMT
server: cloudflare
etag: "623b8beb-6126"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VRLqzJh2CYxJk9%2F1yLs49AIXWw3lNB3YZiHY2Wwsp%2FF1j3U81Lrvi0ImiVKOTuf6rgXJSkXbjPdpLvTmKfSjas1epLW2bAIsPH1m09wRTsqQZ7Rtwn9LMi5ajyj7J4lfnQkmnGw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bdcd19a2a-FRA

GET
H3 200 image-resizer.jpg
newsdaymorenow.com/2023-12-25/cbd2/images/ 29 KB
29 KB 400ms
398ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/image-resizer.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79cbaf01fbb21bca4376e7b73d624e6fd893ede23baccb6e3d6ff3ff5b8a6340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 29613
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:06:59 GMT
server: cloudflare
etag: "623b8bf3-73ad"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B1%2FHT2wKtJyNtRNuYHHG%2BHoSg%2FVEEdleKqkE1gZ4q6G9%2BL%2FjOdG2iUFCzszWQNaMHLrWHmbDR9euqVNa795qVyAsKzVeIlXbfwSyNwJqjLysJ9Uf0c88eeolWZp20wSxACxIaCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bdcd29a2a-FRA

GET
H3 200 allproducts.png
newsdaymorenow.com/2023-12-25/cbd2/images/ 522 KB
523 KB 458ms
456ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/allproducts.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46de5328b790a76ab3219ab2c471a9f6fed572bb12acdd62e5582ee981eae026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 534645
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Dec 2023 01:50:00 GMT
server: cloudflare
etag: "658a3148-82875"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hn%2BKqsHpTo5CGK4qoqFvbcJqpKaCExJIqzywuC48kYQywu%2BYGhL6ikmppFXeHlvkD5E30OdHZvU%2BoRZfdvWS16MOKs65boHpVK03EJem1ZgYqOxsk3csLyaiIMJuT1cA0xHGcmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bdcd39a2a-FRA

GET
H3 200 button33-qual-1.png
newsdaymorenow.com/2023-12-25/cbd2/images/ 37 KB
38 KB 412ms
409ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/button33-qual-1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd70f3ab89a9705ec329c8c0264cb7fa5448f69baa13e46a3a8091fd02dd7653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 37985
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:07:12 GMT
server: cloudflare
etag: "623b8c00-9461"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nZfo7PIOWfRYh0JpzVkBq6pu%2BcWxHU8s2UR99TpAT2r%2FVH6GJwsxp0ViPba26d9XhscI8NG6CZCRXCht10lbm1t6aQ9U2zQUKOg5p4Xv%2FKJrUucnwEmevE05185O1Mn6sivGWrc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bdcd49a2a-FRA

GET
H3 200 blank.jpeg
newsdaymorenow.com/2023-12-25/cbd2/images/ 1 KB
2 KB 380ms
378ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/blank.jpeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a828be7e6602af27a7c513259b1b93024b96be1e61e38fc6cf7aa75a62b77a12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1534
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:19:57 GMT
server: cloudflare
etag: "623b8efd-5fe"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FJkdZLHgt%2FdbA0YtE94%2FlwoUBtDKEgfmLmdH4%2BP%2Bw9FlsqxGM377QDmyYPUOg53CFAyq8tadDR0kgqU4uJt11Jm2g7uCndJyg2CFpNu4kRYIjgK%2F4D3ndvqYYOKj49B678kOD4g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bdcd59a2a-FRA

GET
H3 200 prof10.jpg
newsdaymorenow.com/2023-12-25/cbd2/images/ 2 KB
3 KB 387ms
385ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/prof10.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab0d6ca856c3af2377dc800b8e4866d86749ce277a87073df6c49eb1d02be767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2472
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:15:47 GMT
server: cloudflare
etag: "623b8e03-9a8"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q1Na5X47jLVvr3HxBHU0U5e9MkcT1Lim5Y9M%2F2WQgIrlqvSueCTqSAwmfTY71gUKi%2BkogUYpNKGmyBuuf0pX%2BEBckEp4E8CdoeM7kuojdIF6s6%2BiUBR7oksx4U1pR1TOB0GTO2E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bdcd69a2a-FRA

GET
H3 200 prof8.jpg
newsdaymorenow.com/2023-12-25/cbd2/images/ 3 KB
3 KB 393ms
391ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/prof8.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab0e6debd262b48021429d5576ed1bdc55d1612b1ef0085741b35260b4950f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2572
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:15:43 GMT
server: cloudflare
etag: "623b8dff-a0c"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H4mSfQB1AjiUNqenTP0xlBSwBBnWih6uUMMGPAxZeLH9IZmxY10R%2FJkdfvKuOGy9Mh9k6GjX9zP3fC34hVrYp0xJWWqyRPsdTeK%2F3ZdMIL07uc%2Fmp3z%2FEWq1QDmyJLnxo6EGtcY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bdcd79a2a-FRA

GET
H3 200 prof5.jpg
newsdaymorenow.com/2023-12-25/cbd2/images/ 2 KB
3 KB 367ms
365ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/prof5.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0b4e806d14a848b60771ce921ae209b40037f6f003fd7533c122aaa4d4d7fa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2232
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:15:38 GMT
server: cloudflare
etag: "623b8dfa-8b8"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2F977zyPngzeuv%2BqFUlbd9Bg3HX0x31WPeSFThjsps5a1nKJHS598JoN85frES42dOXN57QmyPwifzExuxDXbCIZ5EzcxhF0hxwhcchaG5Qztr%2BHTLImHJXzmWBsY%2FoHiteflhg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bdcda9a2a-FRA

GET
H3 200 pp2.jpg
newsdaymorenow.com/2023-12-25/cbd2/images/ 7 KB
7 KB 375ms
374ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/pp2.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4006b87df1db50327b55dd3cd4a0999ad2f80658405a5875756354498b7b0a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7125
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:15:14 GMT
server: cloudflare
etag: "623b8de2-1bd5"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MLfZUY0ro17aMqsYe11F4rTz5z9kx5NMWPzdIkcNgaw0Rvah9Flbv7sNq%2BwPIoKKGFv7LqSfa%2FpPXBmeh1lY4AtM2DAHpi7vI9JN%2Fga%2BRSypuobgyZgorKcAfj32nqpQHtgFpTc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bdcdb9a2a-FRA

GET
H3 200 pp5.jpg
newsdaymorenow.com/2023-12-25/cbd2/images/ 6 KB
6 KB 123ms
121ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/pp5.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63f80eec1c6fab94352f8341f50449d2b65944cf599b41ebf1033368de0a08ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6164
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:15:23 GMT
server: cloudflare
etag: "623b8deb-1814"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1MTKNMJfyktzm3dlupKWzDwxLlzPVHwPJMpS%2F7HhAMlGUqavIlDK8EzT2aSvgcZ%2FsNzHY%2FXoamRwmZVeIBVkhtes7DPhAsAULlbq81iUKs7s7hrDlKl4yyU5o5cjzvAWxNtnDYc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bdcdc9a2a-FRA

GET
H3 200 16174412_10211484033439027_3968979027246986980_n.0dbfe016.jpg
newsdaymorenow.com/2023-12-25/cbd2/images/ 2 KB
2 KB 390ms
388ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/16174412_10211484033439027_3968979027246986980_n.0dbfe016.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

259f88defc700818f3ce5c71dd53ea871b0ad3b77404d3b833765c23113647c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1775
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:17:06 GMT
server: cloudflare
etag: "623b8e52-6ef"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m9BOPI2QSRtbsnyEvcCCFHLFre4I8HmN0lVB2qOCNiHjJbPyeYb67JAUDbloMxrP6FVmcNtiSkZB9bKeH2A%2FMxU6SErJnl6gbdbi6wBSG2R1RrktQZ0B7OGJlgxYbyoPcSOiCEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bdcdd9a2a-FRA

GET
H3 200 pp6.jpg
newsdaymorenow.com/2023-12-25/cbd2/images/ 6 KB
6 KB 119ms
117ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/pp6.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dda3f4e6dc0c439397b481d7f573e340ae654f33bab9c178e44a1b07f93c064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5714
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:15:31 GMT
server: cloudflare
etag: "623b8df3-1652"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WoOms4sfcYp6q2VDM%2BCOhePvtJG40kgwAWTd89gkUDi9qi3C7VLPdjTLtv6WwUSzTGsywWvJXnq6HLzSWQkkAeV%2FTZgXdP9ybbn6Z7BwC%2BoUVc9URvB0iGB5SmGcT%2BtH%2BcJsEVs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bdcde9a2a-FRA

GET
H3 200 16406523_1345882538809440_8201065904356080273_n.da959532.jpg
newsdaymorenow.com/2023-12-25/cbd2/images/ 1 KB
2 KB 118ms
116ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/16406523_1345882538809440_8201065904356080273_n.da959532.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3427064d6115bb8b12415bb350082594b5359a48eb7a8ad3b0a2c6f19cf98c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1259
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:17:10 GMT
server: cloudflare
etag: "623b8e56-4eb"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ew88h2qQv7zQIi3B1QJvDgY5McDU4t5em6n9m1HGjP%2BqGWgqGEpPViXHDVGIqTCiPvVUjQHtPPw%2BbVpvWL5Yi%2B%2BKFiFc8c1QfVdk6k5jFCMdQK39ZJs3H%2B3ZwgZoSCBd%2FrDrlCY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bdcdf9a2a-FRA

GET
H3 200 13631522_1146706165402703_3256702316997043506_n.b56fd49f.jpg
newsdaymorenow.com/2023-12-25/cbd2/images/ 2 KB
2 KB 385ms
383ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsdaymorenow.com/2023-12-25/cbd2/images/13631522_1146706165402703_3256702316997043506_n.b56fd49f.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3122aee9c9ade3d031efa12f381cb476642a79b77163545c647fe3c9ed173f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1766
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 21:17:02 GMT
server: cloudflare
etag: "623b8e4e-6e6"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a94yYFhbLXYnLY0fKV2EcI77BnKcEQtFRWfBFqTRloJ%2BCw%2FGtIh1xjJjF590OHWd%2F0SYIbY91Jrk3slr%2BzOJFW3%2Fi0fIkMl1JLf4WivWzouDjn3VRSL4s%2F68B40MTfD8YJIr44I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8ae2310bdce19a2a-FRA

GET
H3 404 favicon.ico
newsdaymorenow.com/ 580 B
581 B 111ms
110ms Other
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsdaymorenow.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbf1fdfdb7257daf8b0905d94bd04e2829c502c9c01b1d96bb979069e2ebc895

Request headers

Referer: https://newsdaymorenow.com/2023-12-25/cbd2/?bemobdata=c%3Dec7c1f12-68ec-48df-8644-d02378f364a5..l%3Dc133371a-c6a7-4a64-9b39-45baebd28534..f%3D42f99bd9-6e18-4488-bb78-b396478d6654..a%3D0..b%3D0..c1%3Dver61..r%3Dhttp%253A%252F%252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%252F..ts%3D1722812719752
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 23:05:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QnHR2hdW3aSIAVJwgRTy%2BNybcGFGkIaBpl07k1JTfdhjwBiOzlmNjNvWoQlED3yWRjf4m3So2hL6bbJjZiJvjJT6R%2F%2FOAOssTi0IxUCYxxAgF%2FIhXllZ4xG9xMdXa92M6eBVBJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8ae231103fc39a2a-FRA
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-5ca31a713e96e0d73f70-min.en-US.js

Domain: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-2e5b687b721ed94b30f5-min.en-US.js

Domain: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1706811132467-QIR6O63RE5GI9HXI9ESJ/static.css

Domain: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1706811132467-QIR6O63RE5GI9HXI9ESJ/static.css

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dayNames object| monthNames object| now

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-21 02:52:44	Name: _bit Value: o74n5f-f0ec75c69230d9bc72-001
.online-beauty-care.com/	1970-01-21 08:09:32	Name: _ga Value: GA1.2.1092530434.1722812717
.online-beauty-care.com/	1970-01-20 22:34:59	Name: _gid Value: GA1.2.1651734095.1722812717
.online-beauty-care.com/	1970-01-20 22:33:32	Name: _gat_gtag_UA_100291386_1 Value: 1
.online-beauty-care.com/	1970-01-21 08:09:32	Name: _ga_H2LXWD7E3M Value: GS1.1.1722812716.1.0.1722812719.0.0.0
.home.xreholor.com/	1970-01-21 07:19:08	Name: bemob-viewer-id Value: 11460f8f-07c9-46c3-beac-e4f85e685d1c
.home.xreholor.com/	1970-01-20 22:34:59	Name: bemob-uniq-visit:ec7c1f12-68ec-48df-8644-d02378f364a5 Value: 1
.home.xreholor.com/	1970-01-20 22:34:59	Name: bemob-rotation:ec7c1f12-68ec-48df-8644-d02378f364a5:random:c7dd4b725201a02c79785563435155cf Value: 0-1-0
.home.xreholor.com/	1970-01-20 23:16:44	Name: bemob-track-url Value: https%3A%2F%2Fnewsdaymorenow.com%2F2023-12-25%2Fcbd2%2F%3Fbemobdata%3Dc%253Dec7c1f12-68ec-48df-8644-d02378f364a5..l%253Dc133371a-c6a7-4a64-9b39-45baebd28534..f%253D42f99bd9-6e18-4488-bb78-b396478d6654..a%253D0..b%253D0..c1%253Dver61..r%253Dhttp%25253A%25252F%25252Fdhlbxrip~BEMOB_DOT~oliverneberry~BEMOB_DOT~info%25252F..ts%253D1722812719752

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade#uvz47glEzz Message: Refused to apply style from 'https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1706811132467-QIR6O63RE5GI9HXI9ESJ/static.css' because its MIME type ('application/javascript') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://dvbghy.online-beauty-care.com/?rorsddwpyldsqhade#uvz47glEzz Message: Refused to apply style from 'https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1706811132467-QIR6O63RE5GI9HXI9ESJ/static.css' because its MIME type ('application/javascript') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://newsdaymorenow.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.squarespace.com
bit.ly
definitions.sqspcdn.com
dhlbxrip.oliverneberry.info
dvbghy.online-beauty-care.com
home.xreholor.com
newsdaymorenow.com
region1.google-analytics.com
static1.squarespace.com
stevenlevithan.com
use.typekit.net
www.google-analytics.com
www.googletagmanager.com
assets.squarespace.com
static1.squarespace.com
151.101.128.238
173.236.251.200
188.114.96.3
2001:4860:4802:32::178
2001:4860:4802:32::36
23.45.98.104
2a00:1450:4001:813::2008
2a02:26f0:3500:16::215:148f
2a05:d014:286:3501:53d0:7349:324c:7f92
34.160.236.44
45.77.73.12
64.176.192.13
67.199.248.10
00aa9bf334f2cc56c4e3485e2b8e4f0586f213c2ecdb1024281e532c4a1a94f5
0578538dc54e61fb8eec8c8651c1ad25e2dafc3c620ba3dd0d8a76a3613ceb72
08044c35450c63bd13217c8637cb003bf10ee36bd7853e99eaacd10e901805ee
259f88defc700818f3ce5c71dd53ea871b0ad3b77404d3b833765c23113647c2
3e3a510e5d2ecb768ab323e3cb1e882dbfd6de9a132e180b421bdcaa3d8f757b
3f6b7b94c550f1d874f0ee65177ccff29a28b6eb59979b0c945482c5730c1917
4006b87df1db50327b55dd3cd4a0999ad2f80658405a5875756354498b7b0a14
46de5328b790a76ab3219ab2c471a9f6fed572bb12acdd62e5582ee981eae026
4d678ef3be23de7abda1ee74fb7e637d43fc2faa2138d76d7605909fd6094194
4e118e6c9633a70e62c7d279a9fd4233c4f0091cfe964174bf6b0d008e678591
54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75
5ce9b229ed1ab94ba13694e358835366676a651cb178808fa37a8b7f2f61d16a
5dda3f4e6dc0c439397b481d7f573e340ae654f33bab9c178e44a1b07f93c064
63f80eec1c6fab94352f8341f50449d2b65944cf599b41ebf1033368de0a08ce
69da1567f423378aa33db396427d5207cd39639ee5cd1d67c7999e795731f127
6e23ff27df9290805e03ac71924e849f1a146856c6bc4ed336ee4da6adc1ebd9
75d81f39ddf3e1d6a3aa0c17a47312711f33280f25ad4dc1d1138230df251a94
79cbaf01fbb21bca4376e7b73d624e6fd893ede23baccb6e3d6ff3ff5b8a6340
9d945be899939262150404f637f03ea8ba19da02a26139c5e9607065efc12ba1
a3122aee9c9ade3d031efa12f381cb476642a79b77163545c647fe3c9ed173f5
a3427064d6115bb8b12415bb350082594b5359a48eb7a8ad3b0a2c6f19cf98c0
a35bbf88a5d660ec5bac590a84a8d84fe57026fd1edbeeeb9469a7a42962f2a0
a828be7e6602af27a7c513259b1b93024b96be1e61e38fc6cf7aa75a62b77a12
ab0d6ca856c3af2377dc800b8e4866d86749ce277a87073df6c49eb1d02be767
ab0e6debd262b48021429d5576ed1bdc55d1612b1ef0085741b35260b4950f23
b2dc64332543a27c53be61d049e7e74d40740b2aa60d4708793944afa54ecc54
b42b1e13b569fb06f55beffa68cf0ab61a86556e2f413b50e30a582cf8db1ceb
b992444640ab3904a64161709d136f66d891915ef72f307e795fb4e41417a5bf
c17503ea9ce583a0ac53f3b84d2f52d9024d67517eb7944ddeb88f7671118221
c93034799cbdc326dfa0a15611fc53eb1a275da029699f572ef44c0eadf0e009
cbf1fdfdb7257daf8b0905d94bd04e2829c502c9c01b1d96bb979069e2ebc895
cd28c47d0904d31035d83290e4d4d130236b33ac7f50d77346255d107d32ce04
cd70f3ab89a9705ec329c8c0264cb7fa5448f69baa13e46a3a8091fd02dd7653
d15b1af11b313182295decc472ce75f1e670402e2d9e31e05c188bb2f2933674
e0b4e806d14a848b60771ce921ae209b40037f6f003fd7533c122aaa4d4d7fa2
e7d3ad5f874de2b39a0652ec4d213240fd37d7fedeb73ba9e83632b80c8ee8a2

newsdaymorenow.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

86 %HTTPS

38 %IPv6

11 Domains

13 Subdomains

12 IPs

3 Countries

1760 kBTransfer

5717 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

newsdaymorenow.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

86 %
HTTPS

38 %
IPv6

11
Domains

13
Subdomains

12
IPs

3
Countries

1760 kB
Transfer

5717 kB
Size

9
Cookies

49 HTTP transactions
0 data transactions