URL: https://168.firano2.fun/
Submission: On July 30 via api from US — Scanned from DE

Summary

This website contacted 38 IPs in 8 countries across 23 domains to perform 179 HTTP transactions. The main IP is 188.132.192.168, located in Istanbul, Turkey and belongs to WORLDBUS, GE. The main domain is 168.firano2.fun.
TLS certificate: Issued by E6 on July 30th 2024. Valid for: 3 months.
This is the only time 168.firano2.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
40 188.132.192.168 201575 (WORLDBUS)
3 13.224.186.120 16509 (AMAZON-02)
2 2600:9000:216... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 172.217.16.130 15169 (GOOGLE)
49 151.101.65.44 54113 (FASTLY)
2 104.18.20.97 13335 (CLOUDFLAR...)
6 151.101.194.62 54113 (FASTLY)
2 178.250.1.8 44788 (ASN-CRITE...)
1 151.101.1.44 54113 (FASTLY)
1 2.19.217.101 16625 (AKAMAI-AS)
2 18.200.203.149 16509 (AMAZON-02)
1 18.245.31.9 16509 (AMAZON-02)
1 18.244.15.236 16509 (AMAZON-02)
2 151.101.129.44 54113 (FASTLY)
2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 199.232.211.52 54113 (FASTLY)
1 20.50.2.28 8075 (MICROSOFT...)
1 23.197.10.19 16625 (AKAMAI-AS)
2 34.149.193.192 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.219.59 16509 (AMAZON-02)
1 142.250.184.226 15169 (GOOGLE)
1 2600:9000:230... 16509 (AMAZON-02)
1 18.239.83.98 16509 (AMAZON-02)
2 172.217.18.2 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
29 141.226.228.48 200478 (TABOOLA-AS)
1 142.250.186.130 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 3.212.16.194 14618 (AMAZON-AES)
1 63.34.81.234 16509 (AMAZON-02)
1 141.226.224.32 200478 (TABOOLA-AS)
2 57.129.18.121 16276 (OVH)
1 54.167.160.227 14618 (AMAZON-AES)
1 151.101.130.62 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
179 38
Apex Domain Subdomains Transfer
82 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1198
c2.taboola.com — Cisco Umbrella Rank: 12492
display.bidder.taboola.com — Cisco Umbrella Rank: 5482
pm-widget.taboola.com — Cisco Umbrella Rank: 4404
hp.taboola.com — Cisco Umbrella Rank: 44017
trc.taboola.com — Cisco Umbrella Rank: 1123
am-trc-events.taboola.com — Cisco Umbrella Rank: 19208
pips.taboola.com — Cisco Umbrella Rank: 2305
cds.taboola.com — Cisco Umbrella Rank: 2605
images.taboola.com — Cisco Umbrella Rank: 2161
vidanalytics.taboola.com — Cisco Umbrella Rank: 3613
742 KB
40 firano2.fun
168.firano2.fun
328 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
bd62e467cd1740d6abbab9134bf76553.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
56 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
179 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 394
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 999
aax.amazon-adsystem.com — Cisco Umbrella Rank: 501
83 KB
5 usatoday.com
user.usatoday.com Failed
eu.usatoday.com — Cisco Umbrella Rank: 310723 Failed
www.usatoday.com — Cisco Umbrella Rank: 19797
25 KB
4 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 4784
rp.liadm.com — Cisco Umbrella Rank: 1645
rp4.liadm.com — Cisco Umbrella Rank: 4911
i.liadm.com — Cisco Umbrella Rank: 937
37 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 944
gum.criteo.com — Cisco Umbrella Rank: 553
846 B
4 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 1040
pixel.adsafeprotected.com — Cisco Umbrella Rank: 1139
12 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3983
collector.brandmetrics.com — Cisco Umbrella Rank: 4257
20 KB
2 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 2518
5 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 4801
p1.parsely.com — Cisco Umbrella Rank: 3692
21 KB
2 gannettdigital.com
traxex.gannettdigital.com — Cisco Umbrella Rank: 18099
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 2804
163 KB
1 gannettinnovation.com
reporting-api.gannettinnovation.com — Cisco Umbrella Rank: 24244
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 278
300 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 176
19 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
91 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1622
17 KB
1 minute.ly
apv-launcher.minute.ly — Cisco Umbrella Rank: 6524
949 B
1 gannett-cdn.com
www.gannett-cdn.com — Cisco Umbrella Rank: 16479
4 KB
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 2082
402 B
179 23
Domain Requested by
40 168.firano2.fun 168.firano2.fun
29 am-trc-events.taboola.com cdn.taboola.com
168.firano2.fun
17 trc.taboola.com cdn.taboola.com
168.firano2.fun
15 cdn.taboola.com 168.firano2.fun
cdn.taboola.com
8 images.taboola.com 168.firano2.fun
6 hp.taboola.com cdn.taboola.com
5 www.usatoday.com 168.firano2.fun
www.usatoday.com
4 securepubads.g.doubleclick.net 168.firano2.fun
securepubads.g.doubleclick.net
3 bd62e467cd1740d6abbab9134bf76553.safeframe.googlesyndication.com securepubads.g.doubleclick.net
168.firano2.fun
cdn.confiant-integrations.net
3 c.amazon-adsystem.com 168.firano2.fun
c.amazon-adsystem.com
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 wt.rqtrk.eu 168.firano2.fun
2 region1.google-analytics.com www.googletagmanager.com
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 traxex.gannettdigital.com 168.firano2.fun
2 gum.criteo.com cdn.taboola.com
168.firano2.fun
2 pm-widget.taboola.com cdn.taboola.com
168.firano2.fun
2 pixel.adsafeprotected.com static.adsafeprotected.com
168.firano2.fun
2 bidder.criteo.com 168.firano2.fun
2 cdn.confiant-integrations.net 168.firano2.fun
cdn.confiant-integrations.net
2 cdn.brandmetrics.com 168.firano2.fun
cdn.brandmetrics.com
2 static.adsafeprotected.com 168.firano2.fun
1 vidanalytics.taboola.com cdn.taboola.com
1 reporting-api.gannettinnovation.com 168.firano2.fun
1 i.liadm.com b-code.liadm.com
1 cds.taboola.com cdn.taboola.com
1 p1.parsely.com 168.firano2.fun
1 rp4.liadm.com 168.firano2.fun
1 rp.liadm.com 1 redirects
1 pips.taboola.com cdn.taboola.com
1 googleads.g.doubleclick.net 168.firano2.fun
1 sb.scorecardresearch.com 168.firano2.fun
1 b-code.liadm.com 168.firano2.fun
1 www.googleadservices.com 168.firano2.fun
1 cdn.parsely.com 168.firano2.fun
1 www.googletagmanager.com 168.firano2.fun
1 secure.cdn.fastclick.net 168.firano2.fun
1 collector.brandmetrics.com cdn.brandmetrics.com
1 apv-launcher.minute.ly cdn.taboola.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com 168.firano2.fun
1 www.gannett-cdn.com 168.firano2.fun
1 a.teads.tv 168.firano2.fun
1 display.bidder.taboola.com 168.firano2.fun
1 c2.taboola.com 168.firano2.fun
0 eu.usatoday.com Failed 168.firano2.fun
0 user.usatoday.com Failed
179 47
Subject | Issuer | Validity | Valid
168.firano2.fun | E6 | 2024-07-30 - 2024-10-28 | 3 months
c.amazon-adsystem.com | Amazon RSA 2048 M01 | 2023-12-30 - 2024-12-04 | a year
static.adsafeprotected.com | Amazon RSA 2048 M02 | 2024-04-25 - 2025-05-24 | a year
brandmetrics.com | WE1 | 2024-06-27 - 2024-09-25 | 3 months
*.g.doubleclick.net | WR2 | 2024-07-01 - 2024-09-23 | 3 months
*.taboola.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-30 - 2024-12-31 | 5 months
confiant-integrations.net | WE1 | 2024-07-12 - 2024-10-10 | 3 months
usatoday.com | R10 | 2024-07-27 - 2024-10-25 | 3 months
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-06-18 - 2024-09-17 | 3 months
*.bidder.taboola.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-11-12 - 2024-12-12 | a year
teads.tv | R10 | 2024-06-11 - 2024-09-09 | 3 months
fw.adsafeprotected.com | Amazon RSA 2048 M02 | 2024-02-28 - 2025-03-29 | a year
config.aps.amazon-adsystem.com | Amazon RSA 2048 M02 | 2024-01-21 - 2025-02-19 | a year
alt1-3ps.amazon-adsystem.com | Amazon RSA 2048 M03 | 2024-03-29 - 2025-04-28 | a year
*.minute.ly | R11 | 2024-07-16 - 2024-10-14 | 3 months
*.brandmetrics.com | Go Daddy Secure Certificate Authority - G2 | 2024-05-13 - 2025-06-11 | a year
secure.cdn.fastclick.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-10-03 - 2024-10-03 | a year
qqms.gannettdigital.com | R10 | 2024-07-17 - 2024-10-15 | 3 months
*.google-analytics.com | WR2 | 2024-07-01 - 2024-09-23 | 3 months
*.parsely.com | Amazon RSA 2048 M03 | 2024-04-05 - 2025-05-04 | a year
*.googleadservices.com | WR2 | 2024-07-01 - 2024-09-23 | 3 months
*.liadm.com | Amazon RSA 2048 M03 | 2023-12-02 - 2024-12-29 | a year
*.scorecardresearch.com | Sectigo RSA Organization Validation Secure Server CA | 2023-12-11 - 2024-12-10 | a year
*.rqtrk.eu | RapidSSL TLS RSA CA G1 | 2024-05-22 - 2025-05-21 | a year
gannettinnovation.com | R3 | 2024-05-30 - 2024-08-28 | 3 months
tpc.googlesyndication.com | WR2 | 2024-07-01 - 2024-09-23 | 3 months

This page contains 10 frames:

Primary Page: https://168.firano2.fun/
Frame ID: 27D729436E8ECB741B6D89DD80B109D4
Requests: 170 HTTP requests in this frame

Frame: https://168.firano2.fun/tangfrag/sports/olympics-medal-count/?prm-season=2024&prm-embedded=true
Frame ID: DB70A63260A1F74401DB7DEFB287DC3D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: BD31CF3D2B586D28BA62217C609F2184
Requests: 1 HTTP requests in this frame

Frame: https://bd62e467cd1740d6abbab9134bf76553.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 63AC64A16C1E3118C1296E423EFA6EF2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 753C17BD3F51954FB3A0B30AAB9015C5
Requests: 1 HTTP requests in this frame

Frame: https://bd62e467cd1740d6abbab9134bf76553.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BD880C1F9CA6550EC9C95A8C7F8E7BA3
Requests: 1 HTTP requests in this frame

Frame: https://bd62e467cd1740d6abbab9134bf76553.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2CECE82130DF019FF6C5E9687D2FEDE8
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01aa?duid=96506546ef5a--01j41pksey5xd4atj0bh7z3rpy&euns=0&s=&version=v2.14.3&cd=.firano2.fun
Frame ID: 2E24EB821F7F49DB93B939D53A54B8FE
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=168.firano2.fun
Frame ID: 8CF572B5E52AD7BA898A121972920407
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05B5ADE8CE3D31402A05E3C4A353053A
Requests: 1 HTTP requests in this frame

Page Title

USA TODAY - Breaking News and Latest News Today

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

179 Requests
98 % HTTPS
24 % IPv6
23 Domains
47 Subdomains
38 IPs
8 Countries
1813 kB Transfer
5961 kB Size
30 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://www.usatoday.com/tangstatic/svg/weather/6-q1a2z336db9d4f.svg HTTP 302
  • https://eu.usatoday.com/tangstatic/svg/weather/6-q1a2z336db9d4f.svg HTTP 303
  • https://eu.usatoday.com/tangstatic/svg/weather/6-q1a2z336db9d4f.svg/ HTTP 307
  • https://usatoday30.usatoday.com/tangstatic/svg/weather/6-q1a2z336db9d4f.svg/ HTTP 301
  • https://eu.usatoday.com/
Request Chain 89
  • https://rp.liadm.com/j?dtstmp=1722339157898&aid=a-01aa&se=e30&duid=96506546ef5a--01j41pksey5xd4atj0bh7z3rpy&tv=v2.14.3&pu=https%3A%2F%2F168.firano2.fun%2F&ext__pubcid=f5eba5a4-4112-4a8f-9264-2fc75c6230f9&wpn=lc-bundle&cd=.firano2.fun&c=PHRpdGxlPlVTQSBUT0RBWSAtIEJyZWFraW5nIE5ld3MgYW5kIExhdGVzdCBOZXdzIFRvZGF5PC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVVNBIFRPREFZIGRlbGl2ZXJzIGN1cnJlbnQgbmF0aW9uYWwgYW5kIGxvY2FsIG5ld3MsIHNwb3J0cywgZW50ZXJ0YWlubWVudCwgZmluYW5jZSwgdGVjaG5vbG9neSwgYW5kIG1vcmUgdGhyb3VnaCBhd2FyZC13aW5uaW5nIGpvdXJuYWxpc20sIHBob3RvcywgYW5kIHZpZGVvcy4iPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy51c2F0b2RheS5jb20iPg HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1722339157898&aid=a-01aa&se=e30&duid=96506546ef5a--01j41pksey5xd4atj0bh7z3rpy&tv=v2.14.3&pu=https%3A%2F%2F168.firano2.fun%2F&ext__pubcid=f5eba5a4-4112-4a8f-9264-2fc75c6230f9&wpn=lc-bundle&cd=.firano2.fun&c=PHRpdGxlPlVTQSBUT0RBWSAtIEJyZWFraW5nIE5ld3MgYW5kIExhdGVzdCBOZXdzIFRvZGF5PC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVVNBIFRPREFZIGRlbGl2ZXJzIGN1cnJlbnQgbmF0aW9uYWwgYW5kIGxvY2FsIG5ld3MsIHNwb3J0cywgZW50ZXJ0YWlubWVudCwgZmluYW5jZSwgdGVjaG5vbG9neSwgYW5kIG1vcmUgdGhyb3VnaCBhd2FyZC13aW5uaW5nIGpvdXJuYWxpc20sIHBob3RvcywgYW5kIHZpZGVvcy4iPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy51c2F0b2RheS5jb20iPg&i6=MmEwMTo0YTA6MTMzODo5Mzo6NQ%3D%3D&n3pc=true

179 HTTP transactions

Resource Path Size x-fer Type MIME-Type

Primary Request: /
Path: 168.firano2.fun/
Size: 224 KB
x-fer: 68 KB
Type: Document

General
Full URL: https://168.firano2.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS:
Software: nginx/1.26.1 /
Resource Hash: 98467dde29add0e4205bf587cd9c1c012455582e0ec3111fe53caf7dcdf0756b

Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 125
cache-control: no-store
content-encoding: br
content-length: 68099
content-security-policy: upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
content-security-policy-report-only: script-src https: blob: 'unsafe-inline' 'unsafe-eval' 'self';base-uri 'self';report-uri https://reporting-api.gannettinnovation.com;report-to default
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Tue, 30 Jul 2024 11:32:35 GMT
etag: W/"3dfac-aRCjRfQHfohpZDmppiByWWRYDhs"
feature-policy: camera 'none';display-capture 'none';geolocation 'none';microphone 'none';payment 'none';usb 'none';xr-spatial-tracking 'none'
link: <https://user.usatoday.com/USAT-GUP/user/>;rel=preload;as=fetch;crossorigin=use-credentials;nopush,<https://www.usatoday.com/tangstatic/svg/weather/6-q1a2z336db9d4f.svg>;rel=preload;as=image;nopush
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
origin-agent-cluster: ?1
permissions-policy: camera=(),display-capture=(),geolocation=(),microphone=(),payment=(),usb=(),xr-spatial-tracking=()
referrer-policy: strict-origin-when-cross-origin
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
server: nginx/1.26.1
server-timing: gnt_i;desc="06265674426709770299*201575*TR~34"
strict-transport-security: max-age=63072000
vary: Accept-Encoding,User-Agent
x-abvariant: HP4U_B2
x-cache: HIT, HIT
x-content-type-options: nosniff
x-frame-options: deny
x-timer: S1722339156.632891,VS0,VE2
x-xss-protection: 1; mode=block
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:36 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010246
age
8989
x-cache
MISS, HIT, MISS, MISS
fastly-stats
io=1
content-length
17632
server
nginx/1.26.1
etag
"ZLcadXlJIgRmHyWyVOX1sZElnVn1HXLgL3ebgNIHQiI"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
74589922007-2024-olympics-agony-ecstary-11.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/
5 KB
5 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/74589922007-2024-olympics-agony-ecstary-11.jpg?crop=3216,3216,x1160,y0&width=130&height=130&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
f71e0d56b0d81afc81010489d97170e2b73395dd6d243e08bba620aa8e48afb2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:36 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010248
age
67339
x-cache
MISS, HIT, MISS, MISS
fastly-stats
io=1
content-length
4860
server
nginx/1.26.1
etag
"FQLV4L/zJccFEXzBKvQwwSB2IXThjNpWVeCTJumC0sA"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
74566663007-20240722-t-223356-z-286902244-rc-2-jx-8-ag-5-ds-6-rtrmadp-3-usaraceillinoispolicebodycam.JPG
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/26/USAT/
4 KB
4 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/26/USAT/74566663007-20240722-t-223356-z-286902244-rc-2-jx-8-ag-5-ds-6-rtrmadp-3-usaraceillinoispolicebodycam.JPG?crop=3134,3133,x716,y0&width=130&height=130&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
38e9fa9190a4672f4ba7e7af1c078ae348d7f14a628b5b780005b1f9293b326a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:35 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010246
age
304203
x-cache
MISS, HIT, HIT, MISS
fastly-stats
io=1
content-length
3936
server
nginx/1.26.1
etag
"wKjWkbGX6NkANnF+48awzNcCqtBmzjWwj6ztlj8Q7O4"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
74594163007-1468697417.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/
3 KB
4 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/74594163007-1468697417.jpg?crop=3333,3332,x500,y0&width=130&height=130&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
3a18ea92c380189408cb5d34a8c37bad6248c61f93ba194c250429f2c2d5a825
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:35 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010215
age
50179
x-cache
MISS, HIT, HIT, MISS
fastly-stats
io=1
content-length
3178
server
nginx/1.26.1
etag
"7+PfndWMhENODVyHAJc+hD7Xeo63oaMTu+kxh4uR8rc"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
581157b6-01b5-4739-8d2d-23f2febe7e45-20230925_KIND_AKND_Firefighters_Save_Kitten_Stuck_in_Pipe_16x9_thumb_1.jpg
168.firano2.fun/gcdn/presto/2023/09/25/USAT/
8 KB
8 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/presto/2023/09/25/USAT/581157b6-01b5-4739-8d2d-23f2febe7e45-20230925_KIND_AKND_Firefighters_Save_Kitten_Stuck_in_Pipe_16x9_thumb_1.jpg?width=660&height=371&fit=crop&format=pjpg&auto=webp&quality=40
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
18980d9fc28c047aeac36109453bd5b4cc1840a2eda1df4214a10c7b06316773
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:35 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010230
age
1026921
x-cache
MISS, HIT, HIT, MISS
fastly-stats
io=1
content-length
7976
server
nginx/1.26.1
etag
"mxs3oIbwWUKsgoDqsc9wEHcPINhpliTCsFmr2Czl9ZU"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
truncated
/
326 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e884a5aa6872d5f3dd20ce71f57863a55c3dd599af9a4d6b49f778189a6241b2

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
adx
securepubads.g.doubleclick.net/gampad/
0
25 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/adx?t=position%3Dnative-front_tile&iu=7103%2Fusatoday%2Fnative-front_tile%2Fhomepage&sz=2x3&cust_params=utm_props%3D%7C%7C%26navigationtype%3Ddirect%26cst_section%3Dhomepage%26pageType%3Dhome-front%26property%3DUSAT%26sitepage%3DUSAT%2Fhome%26ssts_section%3Dhome%26aam_props%3Dtangent-desktop%7Cdesktop%7Chomefront%26build%3Dtangent-desktop%26variant%3DHP4U_B2&tfcd=0&c=963122853509812
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:35 GMT
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://168.firano2.fun
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
global-q1a2z3QmDd4GDQlaH8cTQND57Ny7WeNM.min.json
168.firano2.fun/
15 KB
4 KB
Other
General
Full URL
https://168.firano2.fun/global-q1a2z3QmDd4GDQlaH8cTQND57Ny7WeNM.min.json
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
3f6a0ad3e356332731589c85277a24d518d1b3853285c92e0c4375afa90a5538
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://168.firano2.fun/
Origin
https://168.firano2.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:36 GMT
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
content-encoding
br
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
416058
content-security-policy-report-only
script-src https: blob: 'unsafe-inline' 'unsafe-eval' 'self';base-uri 'self';report-uri https://reporting-api.gannettinnovation.com;report-to default
x-cache
HIT, HIT
cross-origin-resource-policy
same-origin
content-length
3133
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.26.1
cross-origin-opener-policy
same-origin
x-timer
S1722339156.015340,VS0,VE1
etag
W/"QmDd4GDQlaH8cTQND57Ny7WeNM"
x-frame-options
deny
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
application/json; charset=utf-8
vary
Accept-Encoding
origin-agent-cluster
?1
cache-control
public,immutable,max-age=315360000
feature-policy
camera 'none';display-capture 'none';geolocation 'none';microphone 'none';payment 'none';usb 'none';xr-spatial-tracking 'none'
permissions-policy
camera=(),display-capture=(),geolocation=(),microphone=(),payment=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
65568.js
cdn.brandmetrics.com/scripts/bundle/
55 KB
17 KB
Script
General
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=6384de98-7e2a-4671-b441-6ea4cb092952&toploc=168.firano2.fun
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/f5e47f5ae82e4c48bbc1a7f9281ed95b/gannett_net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
969186c48deedbf5cb493aa710e5dde518703dd2e7f98b1f7fcee478d2cd2d05

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:36 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 30 Jul 2024 11:32:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IezwlI2U3FOXGLdCgRuiisvgkYLRZLvk%2FnnVAM1Zu5Ravi%2F0MeRYj%2BdLrwl4zR8HnEq2so6bsX%2BeQIpzMW4j6Ozces5pb2DShtEBHcfHyjRuf8TGCJz%2FwUJNobtG1al5WhapKWcxOeym8gDYawY7W8%2FV"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8ab5076d2aa09944-FRA
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
main.js
www.usatoday.com/gcdn/dcjs/prod/
49 KB
16 KB
Script
General
Full URL
https://www.usatoday.com/gcdn/dcjs/prod/main.js
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7a1d8f8ab01441044403ace72e22a59597a31838a9849e1f065ef0eb9b72b44d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
Origin
https://168.firano2.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:36 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security
max-age=63072000
age
323996
x-cache
MISS, HIT, HIT, MISS
content-length
15635
last-modified
Tue, 23 Jul 2024 20:44:33 GMT
etag
"9d2dff892e5df4fca6baf6c5cf5142fc"
vary
Accept-Encoding
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407250101/
473 KB
148 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407250101/pubads_impl.js?cb=31085684
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
4296b357302c4a1d889d19d8bd507a5687afd5f0c9d44e400e3ffd8b3ed27169
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:01:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
12659
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151336
x-xss-protection
0
server
cafe
etag
16867536993307840219
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 30 Jul 2025 08:01:37 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
63 B
76 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=168.firano2.fun
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
92b89a7520396301a8e617e343407401bdc608d6c9bb04ffd6982265a3622c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52
x-xss-protection
0
expires
Tue, 30 Jul 2024 11:32:36 GMT
/
168.firano2.fun/tangfrag/sports/olympics-medal-count/ Frame DB70
0
0
Document
General
Full URL
https://168.firano2.fun/tangfrag/sports/olympics-medal-count/?prm-season=2024&prm-embedded=true
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src 'none';script-src 'unsafe-inline';style-src 'unsafe-inline';style-src-elem 'unsafe-inline';base-uri 'self';connect-src https://reporting-api.gannettinnovation.com;font-src data:;img-src *;prefetch-src *;sandbox allow-scripts allow-popups allow-popups-to-escape-sandbox allow-forms;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://168.firano2.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
10593
content-encoding
br
content-length
12280
content-security-policy
upgrade-insecure-requests;default-src 'none';script-src 'unsafe-inline';style-src 'unsafe-inline';style-src-elem 'unsafe-inline';base-uri 'self';connect-src https://reporting-api.gannettinnovation.com;font-src data:;img-src *;prefetch-src *;sandbox allow-scripts allow-popups allow-popups-to-escape-sandbox allow-forms;report-uri https://reporting-api.gannettinnovation.com;report-to default
content-type
text/html; charset=utf-8
date
Tue, 30 Jul 2024 11:32:36 GMT
etag
W/"661f-w4Z6JR7HVkbJWusWLK2NtGjSUI0"
feature-policy
autoplay 'none';camera 'none';display-capture 'none';document-domain 'none';encrypted-media 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none'
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
origin-agent-cluster
?1
permissions-policy
autoplay=(),camera=(),display-capture=(),document-domain=(),encrypted-media=(),geolocation=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),usb=(),xr-spatial-tracking=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
server
nginx/1.26.1
strict-transport-security
max-age=63072000
timing-allow-origin
*
vary
Accept-Encoding,User-Agent
x-cache
HIT, HIT
x-content-type-options
nosniff
x-robots-tag
noindex,follow
x-timer
S1722339156.175744,VS0,VE1
x-xss-protection
1; mode=block
cookie_sync
168.firano2.fun/pbd/
426 B
869 B
Fetch
General
Full URL
https://168.firano2.fun/pbd/cookie_sync
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/tangstatic/js/pbjsandwichdirecta9-q1a2z3fcaf4e25.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
567f9433b1bdf10619a0e2734ffce38b739dc32158a0a94cc10ce82fbf6441de
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 30 Jul 2024 11:32:36 GMT
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
x-content-type-options
nosniff
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
server
nginx/1.26.1
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/html; charset=utf-8
cache-control
no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
426
x-xss-protection
1;mode=block
retry-after
0
auction
168.firano2.fun/pbd/openrtb2/
425 B
868 B
Fetch
General
Full URL
https://168.firano2.fun/pbd/openrtb2/auction
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/tangstatic/js/pbjsandwichdirecta9-q1a2z3fcaf4e25.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
213cbc6e2efeb3d34dd9da00efe168224045c8c75c863eb318cc97ce2d3d1fcc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 30 Jul 2024 11:32:36 GMT
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
x-content-type-options
nosniff
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
server
nginx/1.26.1
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/html; charset=utf-8
cache-control
no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
425
x-xss-protection
1;mode=block
retry-after
0
cdb
bidder.criteo.com/
0
222 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?ptv=149&profileId=185&av=36&wv=8.32.0&cb=60672825050
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/tangstatic/js/pbjsandwichdirecta9-q1a2z3fcaf4e25.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 30 Jul 2024 11:32:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Origin
access-control-allow-origin
https://168.firano2.fun
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
auction
display.bidder.taboola.com/OpenRTB/TaboolaHB/
13 KB
14 KB
Fetch
General
Full URL
https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction?publisher=1468240
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/tangstatic/js/pbjsandwichdirecta9-q1a2z3fcaf4e25.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5abba03e7693696229d93b38e257bed6e3ca871dc5aafb4a4bbcda81bdd2477f

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

x-cache-hits
0
date
Tue, 30 Jul 2024 11:32:36 GMT
via
1.1 varnish
server
nginx
x-timer
S1722339156.414584,VS0,VE329
x-cache
MISS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://168.firano2.fun
x-envoy-upstream-service-time
320
accept-ranges
bytes
content-length
13745
x-served-by
cache-fra-etou8220037-FRA
bid-request
a.teads.tv/hb/
16 B
402 B
Fetch
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/tangstatic/js/pbjsandwichdirecta9-q1a2z3fcaf4e25.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 11:32:36 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
observe-browsing-topics
?1
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://168.firano2.fun
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 30 Jul 2024 11:32:36 GMT
auction
168.firano2.fun/pbd/openrtb2/
425 B
868 B
Fetch
General
Full URL
https://168.firano2.fun/pbd/openrtb2/auction
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/tangstatic/js/pbjsandwichdirecta9-q1a2z3fcaf4e25.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
0f80b25c2ca04a416d1b54688291cf92dcf19d4304f18e7c81da39c88b922d2d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 30 Jul 2024 11:32:36 GMT
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
x-content-type-options
nosniff
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
server
nginx/1.26.1
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
text/html; charset=utf-8
cache-control
no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
425
x-xss-protection
1;mode=block
retry-after
0
215ba713-4e96-4806-bd6a-f5d49527bcfe-GettyImages_1484969074_1.jpeg
www.gannett-cdn.com/presto/2023/07/07/USAT/
4 KB
4 KB
Image
General
Full URL
https://www.gannett-cdn.com/presto/2023/07/07/USAT/215ba713-4e96-4806-bd6a-f5d49527bcfe-GettyImages_1484969074_1.jpeg?fit=crop&width=210&height=118&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2619cd81b77d3c1689aba1fdc66426ac702ca7a09345267b05f188d32d655304
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://168.firano2.fun/
Origin
https://168.firano2.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010230
age
299516
x-cache
MISS, HIT, HIT
fastly-stats
io=1
content-length
3774
etag
"NHlVt7DU5yWIUVC18BdzKEOegoX42rNrElO1Hfn95JI"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 34, 0
pub
pixel.adsafeprotected.com/services/
645 B
580 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:ad-slot-7103-usatoday-high_impact-homepage-1,s:1000.250,p:7103/usatoday/high_impact/homepage,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-poster_front-homepage-2,s:300.250,p:7103/usatoday/poster_front/homepage,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-poster_scroll_front-homepage-3,s:300.250,p:7103/usatoday/poster_scroll_front/homepage,t:display%7D&slot=%7Bid:ad-slot-7103-usatoday-leaderboard_btf-homepage-7,s:728.90,p:7103/usatoday/leaderboard_btf/homepage,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=4a05be4f-9348-e7d2-1d2c-726d6131dede&url=https%253A%252F%252F168.firano2.fun%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.203.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-203-149.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a2aac176906e9355b7afeabb0f440793c1fa9825e3a40dfb66a9e31be0ef7e8a

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:36 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://168.firano2.fun
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
iasADX.js
static.adsafeprotected.com/
12 KB
5 KB
Script
General
Full URL
https://static.adsafeprotected.com/iasADX.js
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2165:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
123bb290d7e535508dc84350e2152c6a561dcda94f4c5bbf1fcc1f50fd89b63b

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 17:35:37 GMT
x-amz-version-id
S08nbEMSQBiWsSqdAKl6yaGPRyD0riRA
content-encoding
gzip
via
1.1 9dd3685eb51bb09781f673d8a8f1a6c4.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P6
age
64620
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 14 Feb 2022 12:59:56 GMT
server
AmazonS3
etag
W/"c700d1e14608af0f21adaf6e08ac2cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
I9OduPrY8vsjnAdhhF6UEyIhIZ_7SIaxj8JmYdby4mjswUXejoH33w==
jsdiagnostic
pixel.adsafeprotected.com/
43 B
198 B
Image
General
Full URL
https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_m&anid:922805&sessionId:4a05be4f-9348-e7d2-1d2c-726d6131dede
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.203.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-203-149.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p
CP="COM NAV INT STA NID OUR IND NOI"
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:36 GMT
cache-control
no-cache
server
Apache-Coyote/1.1
content-length
43
content-type
image/gif
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:37 GMT
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
wsrdG7p2k1pXqP8XduaeOzbWDMwRcoE-IvjVamrm1bcnqMAycyu8Aw==
3062
config.aps.amazon-adsystem.com/configs/
531 B
797 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/3062
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-9.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
a8754d0d56b047609230516dcc57dacd00eb24e2fc5bd2afb88409520539fc6f

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 10:45:29 GMT
via
1.1 c63140c3859a31aa195816b9d66d1f2c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P8
age
2827
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
531
x-amz-cf-id
e0_MlETpCt-Po49RBavQgACOCjqBmNthTmuTO42hJksx0apPJkiGow==
config
c.amazon-adsystem.com/cdn/prod/
641 B
989 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3062&u=https%3A%2F%2F168.firano2.fun
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
Server /
Resource Hash
f3e3353bd01e767ff59da7875dc275115913898a536f5542349fcce15b66a48b

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:36 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://168.firano2.fun
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
641
x-amz-cf-id
haJ_GtmJdCN17hgZQWu4fA5t5a3xDpOBx_5y9Z02YdWEM-ds5DrNPA==
bid
aax.amazon-adsystem.com/e/dtb/
64 B
399 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2F168.firano2.fun%2F&pid=EVkG2s3XHCz2E&cb=0&ws=1600x1200&v=24.722.1801&t=1500&slots=%5B%7B%22sd%22%3A%22ad-slot-7103-usatoday-high_impact-homepage-1%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fhigh_impact%2Fhomepage%2F1%22%7D%2C%7B%22id%22%3A%22videoSlot1%22%2C%22mt%22%3A%22v%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-poster_front-homepage-2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fposter_front%2Fhomepage%2F1%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-poster_scroll_front-homepage-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll_front%2Fhomepage%2F1%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-usatoday-leaderboard_btf-homepage-7%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fleaderboard_btf%2Fhomepage%2F1%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.15.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-15-236.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:36 GMT
via
1.1 1332d04637e8e8783a277613082f94d8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://168.firano2.fun
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
WndOinPgTkZnsdIyCyQ37W9CLZNgRDQlT96MUIo853cfqWFBlK4PZw==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202407090940/
284 KB
101 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202407090940/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d3ec73884fd2e63fb637af556b4725f116702bab37326dbf7ce0e876d7b1587

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:36 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
XNRCFRQ49R7BE9XC
age
1794797
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
103346
x-amz-id-2
2MQNrkMYGQsTMdiGLz7UBmZDsRB0jCDEm4FIwKmBXoZNDih73MKrvkes0Lp4/jSkDCTB84ej5LY=
last-modified
Tue, 09 Jul 2024 14:20:21 GMT
server
cloudflare
etag
"76074361c87e7c8d3af88302818b71f9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8ab5076f5cadbf23-WAW
taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame BD31
0
0
Document
General
Full URL
https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://168.firano2.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

abp
96
accept-ranges
bytes
access-control-allow-origin
*
age
18968
cache-control
private,max-age=31536000
content-encoding
gzip
content-length
340
content-type
text/html
date
Tue, 30 Jul 2024 11:32:36 GMT
etag
"8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified
Tue, 13 Feb 2024 13:15:59 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
WJ7HUWSXwQk7466uNAlUKnkvOaQ+POcvqF9iHiQx6M6a4TrwqSMJNOtgmd6o8plWeZEczvb4/r4=
x-amz-replication-status
COMPLETED
x-amz-request-id
AKPH57N3AWSG1NJ9
x-amz-server-side-encryption
AES256
x-amz-version-id
4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache
HIT
x-cache-hits
14632
x-served-by
cache-fra-etou8220028-FRA
x-timer
S1722339157.564231,VS0,VE0
load.js
pm-widget.taboola.com/usatodaydemo/
3 KB
2 KB
Script
General
Full URL
https://pm-widget.taboola.com/usatodaydemo/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36d0f6150f2eaaed37a21fbe52156a4cab87e4fea0b6d69663d27dcf0b3d4424

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
NKCxBtD7JS8etRibom4zkiGHcDqmrivf
content-encoding
gzip
via
1.1 varnish
date
Tue, 30 Jul 2024 11:32:36 GMT
x-amz-request-id
D3AYY6BRNWJRPSSV
age
3227
x-cache
HIT
content-length
1195
x-amz-id-2
JNxHsMrrqa+uVJLl2gRzl2s/7DEVu/IxGwtzzeUCUz4rgvmfObve4fXcNVNlREOwqTIat3FRLfM=
x-served-by
cache-fra-etou8220157-FRA
last-modified
Wed, 06 Mar 2024 04:17:35 GMT
server
AmazonS3
x-timer
S1722339157.693634,VS0,VE0
etag
"71f379a16939b8b05bee450b4857e531"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
2
sync
gum.criteo.com/
46 B
431 B
Script
General
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
249600
expires
60
MIN-108010.js
apv-launcher.minute.ly/api/launcher/
0
949 B
Script
General
Full URL
https://apv-launcher.minute.ly/api/launcher/MIN-108010.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.211.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.25.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits
21, 3216
date
Tue, 30 Jul 2024 11:32:36 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
2284451
x-cache
HIT, HIT
content-length
0
x-xss-protection
1; mode=block
x-request-id
51a3c8f7-6002-4a58-9108-c847af51b421
x-served-by
cache-iad-kiad7000068-IAD, cache-fra-etou8220137-FRA
x-runtime
0.003617
referrer-policy
strict-origin-when-cross-origin
x-debug-req-method
GET
server
nginx/1.25.1
x-timer
S1722339157.728859,VS0,VE0
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
access-control-allow-origin
*
x-debug-app-get
GET
x-debug-server-name
apv-launcher.minute.ly
access-control-allow-credentials
true
cache-control
max-age=60
accept-ranges
bytes
access-control-allow-headers
content-type
expires
Thu, 04 Jul 2024 00:58:25 GMT
impl.20240728-4-RELEASE.js
cdn.taboola.com/libtrc/
912 KB
184 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20240728-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
65f15c9282fc8e6d0968da41b92f4677bb516bb2699a2600a60845ad89547ed2

Request headers

Referer
https://168.firano2.fun/
Origin
https://168.firano2.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
O2soQralhplaLLRoGmUPMP8woNmQzpyw
content-encoding
br
via
1.1 varnish
date
Tue, 30 Jul 2024 11:32:36 GMT
x-amz-request-id
Z79F8V4Z4AQ3HBK3
age
8054
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
188266
x-amz-id-2
Ogfzh+IjHLvhdAaPNCOMS4Oo8qmChWdViChrU665DePRHcvsWkFzZGe7MsmoajnbgbHSByEz0wU=
x-served-by
cache-fra-etou8220114-FRA
last-modified
Sun, 28 Jul 2024 09:18:14 GMT
server
AmazonS3-br
x-timer
S1722339156.461404,VS0,VE0
etag
"10d5fd846913426c6c30b4fd89dea1ba"
vary
Accept-Encoding
content-type
application/javascript
abp
23
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
12985
c.js
collector.brandmetrics.com/
0
0
Fetch
General
Full URL
https://collector.brandmetrics.com/c.js?siteid=6384de98-7e2a-4671-b441-6ea4cb092952&toploc=168.firano2.fun&rnd=6423673&json
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=6384de98-7e2a-4671-b441-6ea4cb092952&toploc=168.firano2.fun
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://168.firano2.fun
date
Tue, 30 Jul 2024 11:32:36 GMT
access-control-allow-credentials
true
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
content-length
0
content-type
application/json
USAT-TEALIUM-TANGENT.json
www.usatoday.com/gcdn/dcc/prod/
30 KB
5 KB
Fetch
General
Full URL
https://www.usatoday.com/gcdn/dcc/prod/USAT-TEALIUM-TANGENT.json
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/gcdn/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4efb343a1c4bf292cb1fde6f41a16dd1473cd0563d30c3397f9130855541642b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:36 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security
max-age=63072000
age
72313
x-cache
MISS, HIT, HIT, MISS
content-length
4652
last-modified
Mon, 29 Jul 2024 15:27:21 GMT
etag
"0a26fc49547236be9c6d819b7726d6e6"
vary
Accept-Encoding
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
json
hp.taboola.com/usatodaydemo/trc/3/
31 KB
9 KB
XHR
General
Full URL
https://hp.taboola.com/usatodaydemo/trc/3/json?llvl=2&tim=13%3A32%3A36.455&lti=trecs&pubit=i&t=1&data=%7B%22id%22%3A%2213393%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22vi%22%3A1722339156455%2C%22cv%22%3A%2220240728-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.usatoday.com%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22ad%22%3A%7B%22hp4uGetRegions%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2F168.firano2.fun%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9251%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20Top%20Headlines%22%2C%22orig_uip%22%3A%22HP%20Top%20Headlines%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20Hero%22%2C%22orig_uip%22%3A%22HP%20Hero%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20Top%20Table%203%22%2C%22orig_uip%22%3A%22HP%20Top%20Table%203%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20Top%20Headlines%202%22%2C%22orig_uip%22%3A%22HP%20Top%20Headlines%202%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%7D%5D%2C%22pev%22%3A%2213309%22%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHP%20Hero%3Dorganic-hp-swap-mode%3Aabp%3D0%2CHP%20Top%20Headlines%202%3Dorganic-hp-swap-mode%3Aabp%3D0%2CHP%20Top%20Headlines%3Dorganic-hp-swap-mode%3Aabp%3D0%2CHP%20Top%20Table%203%3Dorganic-hp-swap-mode%3Aabp%3D0%22%2C%22_cn%22%3A%22tio
ns_1%22%2C%22lbt%22%3A1722326626249%2C%22wc%22%3Atrue%2C%22ex%22%3A%5B%22%2Fstory%2Fsports%2Folympics%2F2024%2F07%2F30%2Fparis-olympics-live-updates-results%2F74190687007%2F%22%2C%22%2Fstory%2Fentertainment%2Fcelebrities%2F2024%2F07%2F30%2Ftaylor-swift-uk-mass-stabbing-statement%2F74598487007%2F%22%2C%22%2Fstory%2Fnews%2Fpolitics%2Felections%2F2024%2F07%2F30%2Finflation-not-slowing-summer-travel%2F74471975007%2F%22%2C%22%2Fstory%2Fnews%2Fpolitics%2Felections%2F2024%2F07%2F30%2Fohio-voter-id-law-disenfranchised%2F74169004007%2F%22%2C%22%2Fstory%2Fnews%2Finvestigations%2F2024%2F07%2F17%2Fthomas-matthew-crooks-trump-assassination-plot-execution%2F74438320007%2F%22%2C%22%2Fstory%2Fnews%2Finvestigations%2F2024%2F07%2F16%2Ftrump-shooting-assassination-gun-details%2F74425138007%2F%22%2C%22%2Fstory%2Fnews%2Finvestigations%2F2024%2F06%2F21%2Fclaudia-gomez-shooting-border-patrol-texas-rangers-investigation%2F74071719007%2F%22%2C%22%2Fstory%2Fnews%2Finvestigations%2F2024%2F05%2F22%2Fmexican-cartels-supplied-trafficked-guns-from-us%2F73700258007%2F%22%2C%22%2Fstory%2Ftech%2Fproblemsolved%2F2024%2F07%2F30%2Fdinner-ideas-near-me-tech-helps%2F74431391007%2F%22%2C%22%2Fstory%2Flife%2Fanimalkind%2F2024%2F07%2F29%2Ftaquito-bird-amarillo-texas%2F74591198007%2F%22%2C%22%2Fstory%2Fnews%2Fnation%2F2024%2F07%2F29%2Fcobb-county-georgia-well-rescue%2F74587400007%2F%22%2C%22%2Fstory%2Fsports%2Fsportskind%2F2024%2F07%2F29%2Fwatch-these-seniors-bring-the-olympic-spirit-to-a-mock-olympic-games%2F74560902007%2F%22%2C%22%2Fpicture-gallery%2Fsports%2Folympics%2F2024%2F07%2F24%2Fbest-photos-from-the-2024-paris-olympic-games%2F74532813007%2F%22%2C%22%2Fpicture-gallery%2Fentertainment%2Fcelebrities%2F2024%2F07%2F26%2F2024-paris-summer-olympics-celebrity-pictures%2F74560892007%2F%22%2C%22%2Fpicture-gallery%2Fsports%2Folympics%2F2024%2F07%2F27%2Fsurfs-up-best-photos-from-tahiti-during-paris-olympics%2F74574692007%2F%22%5D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f4e656a3d174523f85660dfb2bd8d69ef9b1c1a5d7972bf1550db0b8be68a32

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
424
date
Tue, 30 Jul 2024 11:32:37 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.2715
x-fastly-to-nlb-rtt
7348
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220090-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1722339157.802086,VS0,VE424
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://168.firano2.fun
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.10.19 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-10-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:36 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 30 Jul 2024 11:47:36 GMT
events
bidder.criteo.com/csm/
0
193 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/tangstatic/js/pbjsandwichdirecta9-q1a2z3fcaf4e25.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://168.firano2.fun
date
Tue, 30 Jul 2024 11:32:36 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid-event
traxex.gannettdigital.com/
0
0
Fetch
General
Full URL
https://traxex.gannettdigital.com/prebid-event
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/tangstatic/js/pbjsandwichdirecta9-q1a2z3fcaf4e25.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.149.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 30 Jul 2024 11:32:37 GMT
via
1.1 google
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
google-topics-api.20240728-4-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/google-topics-api.20240728-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d58bda4a6a9ee35ad967ebd5027c7ecc544f493fd93afa464a35781bbeb7da72

Request headers

Referer
https://168.firano2.fun/
Origin
https://168.firano2.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
hc6nWeQzwgvl4sVNr3yFrYORoShRDkpA
content-encoding
gzip
via
1.1 varnish
date
Tue, 30 Jul 2024 11:32:36 GMT
x-amz-request-id
EKDPF1DF5BM3Z4RF
age
86067
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1058
x-amz-id-2
E0UTDlkfNWT+EkHj8ObonqPykfSDub6N1Vx28OzaOniveuP9bTg0+VzecNQ9e93WEuAQB9D5ToQ=
x-served-by
cache-fra-etou8220114-FRA
last-modified
Mon, 29 Jul 2024 11:38:10 GMT
server
AmazonS3
x-timer
S1722339157.865234,VS0,VE0
etag
"80123bb9088a296bcb912a3f510b1850"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
94
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
57106
sd
www.usatoday.com/gciaf/prod/
0
0
Fetch
General
Full URL
https://www.usatoday.com/gciaf/prod/sd
Requested by
Host: www.usatoday.com
URL: https://www.usatoday.com/gcdn/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 30 Jul 2024 11:32:37 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-cache
MISS
x-xss-protection
1;mode=block
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
same-origin
x-frame-options
DENY
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://168.firano2.fun
origin-agent-cluster
?1
cache-control
no-store
access-control-allow-credentials
true
feature-policy
autoplay 'none';camera 'none';display-capture 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none'
permissions-policy
autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),usb=(),xr-spatial-tracking=()
vary
Origin,Referer
accept-ranges
bytes
timing-allow-origin
*
js
www.googletagmanager.com/gtag/
262 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QQ6YP2J211
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a27a84a0e5641049dba63da1708f9f18ae0d63d35b5ce60db361c7da62036a1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93067
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Jul 2024 11:32:37 GMT
p.js
cdn.parsely.com/keys/168.firano2.fun/
55 KB
21 KB
Script
General
Full URL
https://cdn.parsely.com/keys/168.firano2.fun/p.js
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.219.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-219-59.mxp63.r.cloudfront.net
Software
nginx /
Resource Hash
8bd72d23fabec245757bc6bb991a51f31052fe0c17936bcc4b2da4b18b8f48b6

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:37 GMT
content-encoding
gzip
via
1.1 b96e53b7b2901838d15d932e5dee1b2e.cloudfront.net (CloudFront)
last-modified
Wed, 27 Apr 2022 15:49:32 GMT
server
nginx
x-amz-cf-pop
MXP63-P2
etag
W/"6269660c-dbf1"
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
IJOkva33fpWL0LgE1fa2DXFmwDg3GBw0mG5vwhuKBaMgaDHrn7POnA==
conversion_async.js
www.googleadservices.com/pagead/
53 KB
19 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
36a2ca40998a70e47e0bf4091e7be8d2b85d746ad2cb8cf0ba405d52ca5f4c30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19454
x-xss-protection
0
server
cafe
etag
9386732068429509604
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 30 Jul 2024 11:32:37 GMT
a-01aa.min.js
b-code.liadm.com/
101 KB
36 KB
Script
General
Full URL
https://b-code.liadm.com/a-01aa.min.js
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:8e00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6fa5fad4f499ec8b02f1eaf8c570e80dc6f66f1772245b902c5dd91e69773d70

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:19:47 GMT
content-encoding
gzip
via
1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
76370
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
x-amz-cf-id
9kllibpVB53NuOhbLr0fyZmizMss0jSjw9NplN5bNZJEiR9w5lOkRQ==
tfa.js
cdn.taboola.com/libtrc/unip/1168/
70 KB
21 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1168/tfa.js
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8046dcf402adc4f53bd06a7f438142cc833d52c2a16f14ba618e7ef9fa15767

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
mIG5kW4SkmrgjlOM82RuFk6rdpnzdzuW
content-encoding
gzip
via
1.1 varnish
date
Tue, 30 Jul 2024 11:32:37 GMT
x-amz-request-id
Y052FPXFSXWQRP9Q
age
160
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
fastly-restarts
1
x-amz-id-2
minLGqRmdYCC1M4wPpH/9Hmw+NWbz/RfexO0U49aDC3gDFIIgiRti/o/PTl+5ShBrq9ky8zJsFo=
x-served-by
cache-fra-etou8220157-FRA
content-length
21484
last-modified
Mon, 29 Jul 2024 11:22:23 GMT
server
AmazonS3
x-timer
S1722339157.997988,VS0,VE198
etag
"8a71ff074995a0f520f35e0bba2641b7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
23
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
242
p
sb.scorecardresearch.com/
43 B
300 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035223&c5=home&category=home&comscorekw=home_tangent&c6=home&c4=https%3A%2F%2F168.firano2.fun%2F&c15=f03c29b0-ea76-42d6-9556-a7314bf4f7dd&cs_fpid=f03c29b0-ea76-42d6-9556-a7314bf4f7dd&cs_ucfr=&cs_fpit=li&&cv=3.6.0&cj=1
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-98.ams58.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:37 GMT
via
1.1 8bb90d44758ce70476efdf577c8bd268.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
11WvRdbflwldub1b3DhvvNgGq3EfVa6u0lfN-cM1Rry4x8SQzDVQjQ==
prebid-event
traxex.gannettdigital.com/
0
0
Fetch
General
Full URL
https://traxex.gannettdigital.com/prebid-event
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/tangstatic/js/pbjsandwichdirecta9-q1a2z3fcaf4e25.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.193.149.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 30 Jul 2024 11:32:37 GMT
via
1.1 google
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ads
pagead2.googlesyndication.com/gampad/
220 KB
37 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=549574755693303&correlator=609655105712327&eid=44809527%2C31083343%2C31083345%2C31085684%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407250101&ptt=17&impl=fifs&ltd_cs=1&tfcd=0&iu_parts=7103%2Cusatoday%2Chigh_impact%2Chomepage%2Cposter_front%2Cposter_scroll_front%2Cleaderboard_btf&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F4%2F3%2C0%2F1%2F5%2F3%2C0%2F1%2F6%2F3&prev_iu_szs=320x50%7C1000x250%7C970x250%7C970x90%7C970x66%7C728x90%7C2x4%7C1x2%7C2560x1440%2C300x250%7C300x600%2C300x250%7C300x600%7C300x1050%2C728x90&fluid=height%2C0%2C0%2C0&ifi=1&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1722339157004&lmt=1722339157&adxs=-12245933%2C1010%2C-9%2C436&adys=-12245933%2C912%2C-9%2C8161&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C-1%7C1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F168.firano2.fun%2F&vis=1&psz=1600x268%7C300x268%7C0x-1%7C880x108&msz=970x250%7C300x250%7C0x-1%7C728x90&fws=4%2C516%2C2%2C4&ohw=1600%2C1600%2C0%2C728&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722339155777&idt=817&prev_scp=position%3Dhigh_impact%26adCount%3D1%26id%3D6b8a7a42-4e67-11ef-9e36-063304d64f19%26nsf%3Dparamount%2Cparamount-high_impact%2Cmomentum%7Cposition%3Dposter_front%26adCount%3D1%26id%3D6b8a7a43-4e67-11ef-9e36-063304d64f19%26grm%3D40%7Cposition%3Dposter_scroll_front%26adCount%3D1%26hb_ap_id%3D7599891%26hb_ap%3D0.88%26hb_adid%3D7991d22484b7f2f%26hb_size%3D300x600%26id%3D6b8a7a44-4e67-11ef-9e36-063304d64f19%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%26pub%3D40%2C50%2C60%7Cposition%3Dleaderboard_btf%26adCount%3D1%26id%3D6b8a7a45-4e67-11ef-9e36-063304d64f19&cust_params=aam_props%3Dtangent-desktop%257Cdesktop%257Chomefront%26alerttype%3D%26build%3Dtangent-desktop%26cst_section%3Dhomepage%26features%3Dnoautoplay%252CheavyAds%26hls%3Dhttps%253A%252F%252Fwww.usatoday.com%252Fgcdn%252Fgannett-web%252Fapps%252Fteal%252Fdist%252Fvendor%252Fhls%252Fhls.1.2.8.min.js%26navigationtype%3Ddirect%26pageType%3Dhome-front%26privacy%3DNA%26property%3DUSAT%26sitepage%3DUSAT%252Fhome%26ssts_section%3Dhome%26pid%3D1722339155851_399006659%26utm_props%3D%257C%257C%26variant%3DHP4U_B2%252Cad-control%252Cst95%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&adks=3395925604%2C4137453105%2C2162033904%2C3046041323&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407250101/pubads_impl.js?cb=31085684
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
938c20616761c3dbeb876d8632a7039725a3a26a6ad401350a7019a9eaca5f2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37909
x-xss-protection
0
google-lineitem-id
6756994072,6754762461,6696889610,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138483060666,138483212162,138469914919,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://168.firano2.fun
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bd62e467cd1740d6abbab9134bf76553.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 63AC
0
0
Document
General
Full URL
https://bd62e467cd1740d6abbab9134bf76553.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407250101/pubads_impl.js?cb=31085684
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168.firano2.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 11:32:37 GMT
expires
Tue, 30 Jul 2024 11:32:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pmk-20220605.16.js
pm-widget.taboola.com/usatodaydemo/
84 KB
24 KB
Script
General
Full URL
https://pm-widget.taboola.com/usatodaydemo/pmk-20220605.16.js
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99090b3cc7ed201c2bbd8dcd1e0e4ebf54f6fe8b64f46b9dc4c6bf5345b3f34a

Request headers

Referer
https://168.firano2.fun/
Origin
https://168.firano2.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
X0FggUL4k5DNjmEbPTrc8OTQs4LcEy58
content-encoding
gzip
via
1.1 varnish
date
Tue, 30 Jul 2024 11:32:37 GMT
x-amz-request-id
G2448AMAQGNC5QN6
age
22787
x-cache
HIT
content-length
24240
x-amz-id-2
z4DTKZNXubqophJtiPT6Patve6UStYIkw65+qbVoJE1h3PLoeM84EETfQmokNydf6GZsbT64WC8=
x-served-by
cache-fra-etou8220049-FRA
last-modified
Wed, 06 Mar 2024 04:17:34 GMT
server
AmazonS3
x-timer
S1722339157.039636,VS0,VE0
etag
"64d79925f01194343d2118055daa64f3"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
9
taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 753C
0
0
Document
General
Full URL
https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/google-topics-api.20240728-4-RELEASE.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://168.firano2.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

abp
96
accept-ranges
bytes
access-control-allow-origin
*
age
18968
cache-control
private,max-age=31536000
content-encoding
gzip
content-length
340
content-type
text/html
date
Tue, 30 Jul 2024 11:32:36 GMT
etag
"8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified
Tue, 13 Feb 2024 13:15:59 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
WJ7HUWSXwQk7466uNAlUKnkvOaQ+POcvqF9iHiQx6M6a4TrwqSMJNOtgmd6o8plWeZEczvb4/r4=
x-amz-replication-status
COMPLETED
x-amz-request-id
AKPH57N3AWSG1NJ9
x-amz-server-side-encryption
AES256
x-amz-version-id
4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache
HIT
x-cache-hits
14632
x-served-by
cache-fra-etou8220028-FRA
x-timer
S1722339157.564231,VS0,VE0
trecs-roqad.es5.js
cdn.taboola.com/scripts/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/trecs-roqad.es5.js?uid=6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4&gdpr=1&gdpr_consent=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2a5e83a1c3b20eac4e0c90c7c9d3a93c92106c8c22d06f3f42e6b48ee33ef6c

Request headers

Referer
https://168.firano2.fun/
Origin
https://168.firano2.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
ZeKxgmcK5kOMhV154Fn5s2dTl_jApY30
content-encoding
gzip
via
1.1 varnish
date
Tue, 30 Jul 2024 11:32:37 GMT
x-amz-request-id
2K03HTKWX47ZYW66
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-amz-replication-status
COMPLETED
content-length
880
x-amz-id-2
4Z5/SGxhw3nlZeN+PBAxB3Pi2nHNUacL6b92VbuqVZ43g7sQ8JPsZErxzJWVeXVxoISmN/C7nQux1ogYz7Z81/fNLXYq90vY
x-served-by
cache-fra-etou8220114-FRA
last-modified
Thu, 09 May 2024 12:03:39 GMT
server
AmazonS3
x-timer
S1722339157.313220,VS0,VE225
etag
"3cfa434d3bfae58e371d2effb900e1b6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
abp
97
cache-control
private,max-age=14400
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
fraud-detect.js
cdn.taboola.com/scripts/
121 B
500 B
Script
General
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

Referer
https://168.firano2.fun/
Origin
https://168.firano2.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Tue, 30 Jul 2024 11:32:37 GMT
x-amz-request-id
M4SP5ZB80QM7DHQP
age
25065
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
27s1ZzL8grOAJHrzyGAagzwa4QLcFiyx8paeutTC1SOQfkmrt1WACjA/9B+yApzfDtcrskytcvQ=
x-served-by
cache-fra-etou8220114-FRA
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1722339157.313468,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
23
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
64026
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

Referer
https://168.firano2.fun/
Origin
https://168.firano2.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Tue, 30 Jul 2024 11:32:37 GMT
x-amz-request-id
KY3ZDW3K2B6H1MC5
age
3546
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
glnLVJe0jUWHqbuSXyp3oTwTr/9U0elibpLkjEMzZFejh7oPu3HsHSZeIfz8vSHKbbI7Fyo6BwY=
x-served-by
cache-fra-etou8220114-FRA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1722339157.313458,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
67
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
11868
review-mode
trc.taboola.com/usatodaydemo/log/3/
0
54 B
Ping
General
Full URL
https://trc.taboola.com/usatodaydemo/log/3/review-mode?tvi2=18260&tvi50=9058&route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1168/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Tue, 30 Jul 2024 11:32:37 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7477
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220157-FRA
pragma
no-cache
server
nginx
x-timer
S1722339157.382113,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://168.firano2.fun
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
review-mode
trc.taboola.com/usatodaydemo/log/3/
0
59 B
Ping
General
Full URL
https://trc.taboola.com/usatodaydemo/log/3/review-mode?tvi2=18260&tvi50=9058&route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1168/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
date
Tue, 30 Jul 2024 11:32:37 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7453
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220157-FRA
pragma
no-cache
server
nginx
x-timer
S1722339157.419997,VS0,VE10
content-type
image/gif
access-control-allow-origin
https://168.firano2.fun
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
review-mode
trc.taboola.com/usatodaydemo/log/3/
0
282 B
Image
General
Full URL
https://trc.taboola.com/usatodaydemo/log/3/review-mode?route=AM:AM:V&tvi2=18260&tvi50=9058&lti=trecs&ri=880448d3b48adefbe165570e10ccd763&sd=v2_1642e3958bb068189059c607fc609325_6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4_1722339156_1722339156_CIi3jgYQkAkY58Onm5AyIAEoATA4OJvjCUCIihBI0bzZA1D___________8BWABgAGiQp9OKwPz81E9wAA&ui=6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4&pi=/&wi=7846795646874050930&pt=home&vi=1722339156455&tim=13%3A32%3A37.301&id=1563&llvl=2&cv=20240728-4-RELEASE&
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Tue, 30 Jul 2024 11:32:37 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7362
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220157-FRA
pragma
no-cache
server
nginx
x-timer
S1722339157.330772,VS0,VE8
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
review-mode
trc.taboola.com/usatodaydemo/log/3/
0
95 B
Image
General
Full URL
https://trc.taboola.com/usatodaydemo/log/3/review-mode?route=AM:AM:V&tvi2=18260&tvi50=9058&lti=trecs&ri=880448d3b48adefbe165570e10ccd763&sd=v2_1642e3958bb068189059c607fc609325_6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4_1722339156_1722339156_CIi3jgYQkAkY58Onm5AyIAEoATA4OJvjCUCIihBI0bzZA1D___________8BWABgAGiQp9OKwPz81E9wAA&ui=6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4&pi=/&wi=7846795646874050930&pt=home&vi=1722339156455&tim=13%3A32%3A37.304&id=1816&llvl=2&cv=20240728-4-RELEASE&
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Tue, 30 Jul 2024 11:32:37 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7457
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220157-FRA
pragma
no-cache
server
nginx
x-timer
S1722339157.331319,VS0,VE9
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
json
hp.taboola.com/usatodaydemo/trc/3/
38 KB
9 KB
XHR
General
Full URL
https://hp.taboola.com/usatodaydemo/trc/3/json?llvl=2&tim=13%3A32%3A37.307&lti=trecs&pubit=i&t=1&data=%7B%22id%22%3A%2239319%22%2C%22sd%22%3A%22v2_1642e3958bb068189059c607fc609325_6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4_1722339156_1722339156_CIi3jgYQkAkY58Onm5AyIAEoATA4OJvjCUCIihBI0bzZA1D___________8BWABgAGiQp9OKwPz81E9wAA%22%2C%22ui%22%3A%226b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4%22%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22vi%22%3A1722339156455%2C%22cv%22%3A%2220240728-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.usatoday.com%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2F168.firano2.fun%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9251%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20More%20Top%20Stories%22%2C%22orig_uip%22%3A%22HP%20More%20Top%20Stories%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20More%20Top%20Stories%202%22%2C%22orig_uip%22%3A%22HP%20More%20Top%20Stories%202%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20More%20Top%20Stories%203%22%2C%22orig_uip%22%3A%22HP%20More%20Top%20Stories%203%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20Elections%20Bundle%22%2C%22orig_uip%22%3A%22HP%20Elections%20Bundle%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%7D%5D%2C%22pev%22%3A%2213309%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHP%20Elections%20Bundle%3Dorganic-hp-swap-mode%3Aabp%3D0%2CHP%20More%20Top%20Stories%202%3Dorganic-hp-swap-mode%3Aabp%3D0%2CHP%20More%20Top%20Stories%203%3Dorganic-hp-swap-mode%3Aabp%3D0%2CHP%20More%20Top%20Stories%3Dorganic-hp-swap-mode%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_2%22%2C%22lbt%22%3A1722326626249%2C%22uifp%22%3A%226b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4%22%2C%22wc%22%3Atrue%2C%22ex%22%3A%5B%22%2Fstory%2Fsports%2Folympics%2F2024%2F07%2F30%2Fparis-olympics-live-updates-results%2F74190687007%2F%22%2C%22%2Fstory%2Fentertainment%2Fcelebrities%2F2024%2F07%2F30%2Ftaylor-swift-uk-mass-stabbing-statement%2F74598487007%2F%22%2C%22%2Fstory%2Fnews%2Fpolitics%2Felections%2F2024%2F07%2F30%2Finflation-not-slowing-summer-travel%2F74471975007%2F%22%2C%22%2Fstory%2Fnews%2Fpolitics%2Felections%2F2024%2F07%2F30%2Fohio-voter-id-law-disenfranchised%2F74169004007%2F%22%2C%22%2Fstory%2Fnews%2Finvestigations%2F2024%2F07%2F17%2Fthomas-matthew-crooks-trump-assassination-plot-execution%2F74438320007%2F%22%2C%22%2Fstory%2Fnews%2Finvestigations%2F2024%2F07%2F16%2Ftrump-shooting-assassination-gun-details%2F74425138007%2F%22%2C%22%2Fstory%2Fnews%2Finvestigations%2F2024%2F06%2F21%2Fclaudia-gomez-shooting-border-patrol-texas-rangers-investigation%2F74071719007%2F%22%2C%22%2Fstory%2Fnews%2Finvestigations%2F2024%2F05%2F22%2Fmexican-cartels-supplied-trafficked-guns-from-us%2F73700258007%2F%22%2C%22%2Fstory%2Ftech%2Fproblemsolved%2F2024%2F07%2F30%2Fdinner-ideas-near-me-tech-helps%2F74431391007%2F%22%2C%22%2Fstory%2Flife%2Fanimalkind%2F2024%2F07%2F29%2Ftaquito-bird-amarillo-texas%2F74591198007%2F%22%2C%22%2Fstory%2Fnews%2Fnation%2F2024%2F07%2F29%2Fcobb-county-georgia-well-rescue%2F74587400007%2F%22%2C%22%2Fstory%2Fsports%2Fsportskind%2F2024%2F07%2F29%2Fwatch-these-seniors-bring-the-olympic-spirit-to-a-mock-olympic-games%2F74560902007%2F%22%2C%22%2Fpicture-gallery%2Fsports%2Folympics%2F2024%2F07%2F24%2Fbest-photos-from-the-2024-paris-olympic-games%2F74532813007%2F%22%2C%22%2Fpicture-gallery%2Fentertainment%2Fcelebrities%2F2024%2F07%2F26%2F2024-paris-summer-olympics-celebrity-pictures%2F74560892007%2F%22%2C%22%2Fpicture-gallery%2Fsports%2Folympics%2F2024%2F07%2F27%2Fsurfs-up-best-photos-from-tahiti-during-paris-olympics%2F74574692007%2F%22%5D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2bed13527b4a8a0de6ad6d017c31f8823d4d6e26cd0564d25e4fa461f60ee551

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
441
date
Tue, 30 Jul 2024 11:32:37 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.864375
x-fastly-to-nlb-rtt
7326
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220090-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1722339157.330772,VS0,VE441
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://168.firano2.fun
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubs-generic
trc.taboola.com/usatodaydemo/log/3/
0
72 B
Ping
General
Full URL
https://trc.taboola.com/usatodaydemo/log/3/pubs-generic?route=AM%3AAM%3AV&lti=trecs&ri=880448d3b48adefbe165570e10ccd763&sd=v2_1642e3958bb068189059c607fc609325_6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4_1722339156_1722339156_CIi3jgYQkAkY58Onm5AyIAEoATA4OJvjCUCIihBI0bzZA1D___________8BWABgAGiQp9OKwPz81E9wAA&ui=6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4&pi=%2F&wi=7846795646874050930&pt=home&vi=1722339156455&tim=13%3A32%3A37.293&id=49195&llvl=2&cv=20240728-4-RELEASE&d=%7B%22data%22%3A%22%7B%5C%22type%5C%22%3A%5C%22SUCCESS%5C%22%2C%5C%22reason%5C%22%3A%5C%22swapInitialized%5C%22%7D%22%2C%22type%22%3A%22fallback%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Tue, 30 Jul 2024 11:32:37 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7669
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220157-FRA
pragma
no-cache
server
nginx
x-timer
S1722339157.381957,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://168.firano2.fun
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
social
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/social?lti=trecs&ri=880448d3b48adefbe165570e10ccd763&sd=v2_1642e3958bb068189059c607fc609325_6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4_1722339156_1722339156_CIi3jgYQkAkY58Onm5AyIAEoATA4OJvjCUCIihBI0bzZA1D___________8BWABgAGiQp9OKwPz81E9wAA&ui=6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4&pi=%2F&wi=7846795646874050930&pt=home&vi=1722339156455&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.usatoday.com%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22USA%20TODAY%20-%20Breaking%20News%20and%20Latest%20News%20Today%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Ftangstatic%2Fsites%2Fusat%2Fog-image-q1a2z3fb72acfa.png%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:37 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
74461946007-xxx-usat-2024-rnc-day-4-071824-127-ttm.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/18/USAT/
4 KB
5 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/18/USAT/74461946007-xxx-usat-2024-rnc-day-4-071824-127-ttm.jpg?crop=749,749,x376,y1&width=130&height=130&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
ba6a18326f3c2fe0df64aac9e4091e308cb3cccbb57a00bef804635011c818b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:37 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010214
age
672493
x-cache
MISS, HIT, MISS, MISS
fastly-stats
io=1
content-length
4294
server
nginx/1.26.1
etag
"Y+rrLR6HLUBBBO0+6SBPM2t28fVETKyI38fmj0bp1Vo"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
74591255007-yyyymmdd-vpc-slug-fbig-presto-v-100-00-24-12-still-002.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/
1 KB
2 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/74591255007-yyyymmdd-vpc-slug-fbig-presto-v-100-00-24-12-still-002.jpg?crop=1079,1080,x0,y0&width=130&height=130&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
d9aa2c5890f3f0526ffff32df193a40eabae538bf1a7fb556d8e1b62125d47f0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:37 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010212
age
2266
x-cache
MISS, HIT, MISS, MISS
fastly-stats
io=1
content-length
1530
server
nginx/1.26.1
etag
"pTn4GN7uMo/3Q98npMtUWCWR7AWtq8MAdNvM5FwzN1E"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
74594452007-usatsi-23853238.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/
4 KB
5 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/74594452007-usatsi-23853238.jpg?crop=4723,4723,x1370,y3&width=130&height=130&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
03373bc076531e13daef50b52ac91ffebb26a7a6b15b54a29d795376a02f2244
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:37 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010213
age
52501
x-cache
MISS, HIT, MISS, MISS
fastly-stats
io=1
content-length
4400
server
nginx/1.26.1
etag
"5XjSbo7Zia9szZTJYCfQJzvJOVIGWq+pq2z04+vdaMw"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:37 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:37 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:37 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
social
am-trc-events.taboola.com/usatodaydemo/log/3/
0
231 B
Image
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/social?route=AM:AM:V&tvi2=18260&tvi50=9058&lti=trecs&ri=880448d3b48adefbe165570e10ccd763&sd=v2_1642e3958bb068189059c607fc609325_6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4_1722339156_1722339156_CIi3jgYQkAkY58Onm5AyIAEoATA4OJvjCUCIihBI0bzZA1D___________8BWABgAGiQp9OKwPz81E9wAA&ui=6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4&pi=/&wi=7846795646874050930&pt=home&vi=1722339156455&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.usatoday.com%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22USA%20TODAY%20-%20Breaking%20News%20and%20Latest%20News%20Today%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Ftangstatic%2Fsites%2Fusat%2Fog-image-q1a2z3fb72acfa.png%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=13%3A32%3A37.396&id=1013&llvl=2&cv=20240728-4-RELEASE&
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:37 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/994302621/
43 B
61 B
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994302621/?random=1722339157479&cv=9&fst=1722339157479&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2F168.firano2.fun%2F&tiba=USA%20TODAY%20-%20Breaking%20News%20and%20Latest%20News%20Today&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 11:32:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bd62e467cd1740d6abbab9134bf76553.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BD88
0
0
Document
General
Full URL
https://bd62e467cd1740d6abbab9134bf76553.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/tangstatic/js/main-q1a2z32cba5447.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168.firano2.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 11:32:37 GMT
expires
Tue, 30 Jul 2024 11:32:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bd62e467cd1740d6abbab9134bf76553.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2CEC
0
0
Document
General
Full URL
https://bd62e467cd1740d6abbab9134bf76553.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202407090940/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168.firano2.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 11:32:37 GMT
expires
Tue, 30 Jul 2024 11:32:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QQ6YP2J211&gtm=45je47t0v872457263za200&_p=1722339157560&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1108207369.1722339156873&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dp=%2F&dl=https%3A%2F%2F168.firano2.fun%2F&dr=&sid=1722339157&sct=1&seg=0&dt=USA%20TODAY%20-%20Breaking%20News%20and%20Latest%20News%20Today&tfd=2511
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QQ6YP2J211
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 11:32:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://168.firano2.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pips.taboola.com/
4 B
99 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 30 Jul 2024 11:32:37 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://168.firano2.fun
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-served-by
cache-fra-etou8220049-FRA
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1722339157898&aid=a-01aa&se=e30&duid=96506546ef5a--01j41pksey5xd4atj0bh7z3rpy&tv=v2.14.3&pu=https%3A%2F%2F168.firano2.fun%2F&ext__pubcid=f5eba5a4-4112-4a8f-9264-2fc75c...
  • https://rp4.liadm.com/j?dtstmp=1722339157898&aid=a-01aa&se=e30&duid=96506546ef5a--01j41pksey5xd4atj0bh7z3rpy&tv=v2.14.3&pu=https%3A%2F%2F168.firano2.fun%2F&ext__pubcid=f5eba5a4-4112-4a8f-9264-2fc75...
13 B
348 B
XHR
General
Full URL
https://rp4.liadm.com/j?dtstmp=1722339157898&aid=a-01aa&se=e30&duid=96506546ef5a--01j41pksey5xd4atj0bh7z3rpy&tv=v2.14.3&pu=https%3A%2F%2F168.firano2.fun%2F&ext__pubcid=f5eba5a4-4112-4a8f-9264-2fc75c6230f9&wpn=lc-bundle&cd=.firano2.fun&c=PHRpdGxlPlVTQSBUT0RBWSAtIEJyZWFraW5nIE5ld3MgYW5kIExhdGVzdCBOZXdzIFRvZGF5PC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVVNBIFRPREFZIGRlbGl2ZXJzIGN1cnJlbnQgbmF0aW9uYWwgYW5kIGxvY2FsIG5ld3MsIHNwb3J0cywgZW50ZXJ0YWlubWVudCwgZmluYW5jZSwgdGVjaG5vbG9neSwgYW5kIG1vcmUgdGhyb3VnaCBhd2FyZC13aW5uaW5nIGpvdXJuYWxpc20sIHBob3RvcywgYW5kIHZpZGVvcy4iPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy51c2F0b2RheS5jb20iPg&i6=MmEwMTo0YTA6MTMzODo5Mzo6NQ%3D%3D&n3pc=true
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Server
3.212.16.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-16-194.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:39 GMT
x-pixel-event-id
df5ac40b-65a4-494e-8596-0691ea6e8a94
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
null
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
13

Redirect headers

location
https://rp4.liadm.com/j?dtstmp=1722339157898&aid=a-01aa&se=e30&duid=96506546ef5a--01j41pksey5xd4atj0bh7z3rpy&tv=v2.14.3&pu=https%3A%2F%2F168.firano2.fun%2F&ext__pubcid=f5eba5a4-4112-4a8f-9264-2fc75c6230f9&wpn=lc-bundle&cd=.firano2.fun&c=PHRpdGxlPlVTQSBUT0RBWSAtIEJyZWFraW5nIE5ld3MgYW5kIExhdGVzdCBOZXdzIFRvZGF5PC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVVNBIFRPREFZIGRlbGl2ZXJzIGN1cnJlbnQgbmF0aW9uYWwgYW5kIGxvY2FsIG5ld3MsIHNwb3J0cywgZW50ZXJ0YWlubWVudCwgZmluYW5jZSwgdGVjaG5vbG9neSwgYW5kIG1vcmUgdGhyb3VnaCBhd2FyZC13aW5uaW5nIGpvdXJuYWxpc20sIHBob3RvcywgYW5kIHZpZGVvcy4iPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy51c2F0b2RheS5jb20iPg&i6=MmEwMTo0YTA6MTMzODo5Mzo6NQ%3D%3D&n3pc=true
access-control-allow-origin
https://168.firano2.fun
date
Tue, 30 Jul 2024 11:32:38 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
json
hp.taboola.com/usatodaydemo/trc/3/
25 KB
7 KB
XHR
General
Full URL
https://hp.taboola.com/usatodaydemo/trc/3/json?llvl=2&tim=13%3A32%3A37.989&lti=trecs&pubit=i&t=1&data=%7B%22id%22%3A%227955%22%2C%22sd%22%3A%22v2_1642e3958bb068189059c607fc609325_6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4_1722339156_1722339157_CIi3jgYQkAkY58Onm5AyIAEoATA4OJvjCUCIihBI0bzZA1D___________8BWABgAGiQp9OKwPz81E9wAA%22%2C%22ui%22%3A%226b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4%22%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22vi%22%3A1722339156455%2C%22cv%22%3A%2220240728-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.usatoday.com%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2F168.firano2.fun%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9438%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20For%20Subscribers%22%2C%22orig_uip%22%3A%22HP%20For%20Subscribers%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20Money%20Bundle%22%2C%22orig_uip%22%3A%22HP%20Money%20Bundle%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20Wellness%20Bundle%22%2C%22orig_uip%22%3A%22HP%20Wellness%20Bundle%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20Sports%20Bundle%22%2C%22orig_uip%22%3A%22HP%20Sports%20Bundle%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%7D%5D%2C%22pev%22%3A%2213309%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHP%20For%20Subscribers%3Dorganic-hp-swap-mode%3Aabp%3D0%2CHP%20Money%20Bundle%3Dorganic-hp-swap-mode%3Aabp%3D0%2CHP%20Sports%20Bundle%3Dorganic-hp-swap-mode%3Aabp%3D0%2CHP%20Wellness%20Bundle%3Dorganic-hp-swap-mode%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_3%22%2C%22lbt%22%3A1722326626249%2C%22uifp%22%3A%226b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4%22%2C%22wc%22%3Atrue%2C%22ex%22%3A%5B%22%2Fstory%2Fsports%2Folympics%2F2024%2F07%2F30%2Fparis-olympics-live-updates-results%2F74190687007%2F%22%2C%22%2Fstory%2Fentertainment%2Fcelebrities%2F2024%2F07%2F30%2Ftaylor-swift-uk-mass-stabbing-statement%2F74598487007%2F%22%2C%22%2Fstory%2Fnews%2Fpolitics%2Felections%2F2024%2F07%2F30%2Finflation-not-slowing-summer-travel%2F74471975007%2F%22%2C%22%2Fstory%2Fnews%2Fpolitics%2Felections%2F2024%2F07%2F30%2Fohio-voter-id-law-disenfranchised%2F74169004007%2F%22%2C%22%2Fstory%2Fnews%2Finvestigations%2F2024%2F07%2F17%2Fthomas-matthew-crooks-trump-assassination-plot-execution%2F74438320007%2F%22%2C%22%2Fstory%2Fnews%2Finvestigations%2F2024%2F07%2F16%2Ftrump-shooting-assassination-gun-details%2F74425138007%2F%22%2C%22%2Fstory%2Fnews%2Finvestigations%2F2024%2F06%2F21%2Fclaudia-gomez-shooting-border-patrol-texas-rangers-investigation%2F74071719007%2F%22%2C%22%2Fstory%2Fnews%2Finvestigations%2F2024%2F05%2F22%2Fmexican-cartels-supplied-trafficked-guns-from-us%2F73700258007%2F%22%2C%22%2Fstory%2Ftech%2Fproblemsolved%2F2024%2F07%2F30%2Fdinner-ideas-near-me-tech-helps%2F74431391007%2F%22%2C%22%2Fstory%2Flife%2Fanimalkind%2F2024%2F07%2F29%2Ftaquito-bird-amarillo-texas%2F74591198007%2F%22%2C%22%2Fstory%2Fnews%2Fnation%2F2024%2F07%2F29%2Fcobb-county-georgia-well-rescue%2F74587400007%2F%22%2C%22%2Fstory%2Fsports%2Fsportskind%2F2024%2F07%2F29%2Fwatch-these-seniors-bring-the-olympic-spirit-to-a-mock-olympic-games%2F74560902007%2F%22%2C%22%2Fpicture-gallery%2Fsports%2Folympics%2F2024%2F07%2F24%2Fbest-photos-from-the-2024-paris-olympic-games%2F74532813007%2F%22%2C%22%2Fpicture-gallery%2Fentertainment%2Fcelebrities%2F2024%2F07%2F26%2F2024-paris-summer-olympics-celebrity-pictures%2F74560892007%2F%22%2C%22%2Fpicture-gallery%2Fsports%2Folympics%2F2024%2F07%2F27%2Fsurfs-up-best-photos-from-tahiti-during-paris-olympics%2F74574692007%2F%22%5D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0bfb7d0e4b0870ebc0ff183b41cad22645ad0e0a5fdd9680affd555d68e5e44f

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
397
date
Tue, 30 Jul 2024 11:32:38 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.8560416666666667
x-fastly-to-nlb-rtt
7396
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220090-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1722339158.106879,VS0,VE397
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://168.firano2.fun
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
74587535007-usatsi-23849771.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/
1 KB
2 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/74587535007-usatsi-23849771.jpg?crop=2325,2325,x1043,y2&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
193d1cd293552293ffe616bdc8d5614172a80a1fa61cd6db08565432ce58a5e6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010246
age
56531
x-cache
MISS, HIT, HIT, MISS
fastly-stats
io=1
content-length
1386
server
nginx/1.26.1
etag
"xrisj1n+YId3DjAwHyYzqCMfZ2NxQkKLSDslM366D3A"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
74591706007-usatsi-23849774.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/
2 KB
2 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/74591706007-usatsi-23849774.jpg?crop=1462,1461,x307,y0&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
35c129dc1fc4efa81d433952c2b79219cde25fb54f4522f6d003894111a991ed
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010226
age
53399
x-cache
MISS, HIT, MISS, MISS
fastly-stats
io=1
content-length
1742
server
nginx/1.26.1
etag
"3q3PQok/tgPCEdcgUw0yNmEE49I+ij8wyHNlRddzh/8"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
74589509007-afp-2151122303.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/
1 KB
2 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/74589509007-afp-2151122303.jpg?crop=1767,1766,x463,y0&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
8cee7dc0b8d16b30e53272573dce5b9818a66817b9836fcf6d5989e681f7072a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010216
age
64610
x-cache
MISS, HIT, HIT, MISS
fastly-stats
io=1
content-length
1486
server
nginx/1.26.1
etag
"DcGVNcctqeLq92wLenaV2nQftDim9K+bO/mdQ3A4Qzk"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
73790461007-gty-2153650229.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/05/21/USAT/
2 KB
2 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/05/21/USAT/73790461007-gty-2153650229.jpg?crop=2213,2212,x300,y0&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
f94c2570a51f7fd482cfd9bcf0f10a762a4485c2a3d20e726b0f446add15c50a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010228
age
120069
x-cache
MISS, HIT, MISS, MISS
fastly-stats
io=1
content-length
1950
server
nginx/1.26.1
etag
"r+LP6sIIM0saYP0fbZ0WxgzQO42aPfylLYsuUha4/wA"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
74590856007-2161810267.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/
1 KB
2 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/74590856007-2161810267.jpg?crop=2400,2399,x1199,y0&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
27ee293e03f3882195f0082b8b6430d932f783f9c6ee9f7e58d32789dba2f1d7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010226
age
25242
x-cache
MISS, HIT, HIT, MISS
fastly-stats
io=1
content-length
1482
server
nginx/1.26.1
etag
"kFUVhwACZoDsmGDeYXNphR8iyzmwIrOU6ebp/WpzK64"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
73026104007-8-d-g-1-right-07.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/03/19/USAT/
2 KB
2 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/03/19/USAT/73026104007-8-d-g-1-right-07.jpg?crop=1295,1296,x0,y4&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
003dc576864569bf4495ea21431c4506a0976dc6989abb2804ab4aaea31eeb5b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010212
age
1632962
x-cache
MISS, HIT, HIT, MISS
fastly-stats
io=1
content-length
1684
server
nginx/1.26.1
etag
"JQtPvOEIx0TwHH2g6E9nJ9SKziWQurCaKDvK55izK8I"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
74584942007-usatsi-23840587.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/
3 KB
4 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/74584942007-usatsi-23840587.jpg?crop=3743,3742,x935,y0&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
eeb2f447bfaadf752ca60e6c92b762f1aafb27fab8ae95501a8f00b3d9071949
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010216
age
84072
x-cache
MISS, HIT, MISS, MISS
fastly-stats
io=1
content-length
3320
server
nginx/1.26.1
etag
"LWlhSnTnaD++pyJvUyJSwCjiiB37gYVJuoImssqwIew"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
74577424007-072724-cody-fry-bp-0020.JPG
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/28/PIND/
1 KB
2 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/28/PIND/74577424007-072724-cody-fry-bp-0020.JPG?crop=3510,3511,x0,y0&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
a9e4376510b42f7c0f3932c6ac04297606d292b3b16d88b8c2a34a648375de74
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010212
age
191468
x-cache
MISS, HIT, HIT, MISS
fastly-stats
io=1
content-length
1436
server
nginx/1.26.1
etag
"zLkaE9QwX+GM3zrKbV01XAjV04GpceFCH8zdZEiyaQ8"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
74515817007-4-yearold-taps-out-big-sister-after-air-force-basic-training-thumb-1.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/23/USAT/
2 KB
2 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/23/USAT/74515817007-4-yearold-taps-out-big-sister-after-air-force-basic-training-thumb-1.jpg?crop=1080,1079,x384,y0&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
f7c149a1c0fd353b211a3dc5642663e47fdd7287c08637e96fd9fa12484c1ce6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010249
age
55892
x-cache
MISS, HIT, MISS, MISS
fastly-stats
io=1
content-length
1766
server
nginx/1.26.1
etag
"GSbbzAP1tiTXOEV7LolyPp3p/cq29ulUyPhf5a0GR08"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
74593735007-shannon-sharpe.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/
2 KB
2 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/74593735007-shannon-sharpe.jpg?crop=2278,2278,x688,y174&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
46afe08fb3099d003096a99df6fdc71eef610e1164c3a7f5aa1313a560af8583
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010210
age
54537
x-cache
MISS, HIT, MISS, MISS
fastly-stats
io=1
content-length
1804
server
nginx/1.26.1
etag
"3bjsSwidQ7c3BbCA2IBOXi74m3+IhrqoRS3syccualA"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
72482389007-gty-1986616190.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/02/05/USAT/
2 KB
2 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/02/05/USAT/72482389007-gty-1986616190.jpg?crop=2523,2522,x663,y0&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
d210311a9a7b810b2b3423b70dea6e0273d38306c9a1f7da216d95818d39f9e8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010226
age
89749
x-cache
MISS, HIT, HIT, MISS
fastly-stats
io=1
content-length
1876
server
nginx/1.26.1
etag
"SAYz8IL2Mpzchg3kHUn2MHAezjjrENsYb1LhhK4/Mxs"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
74550945007-xxx-2024-summer-travel-th-1387.JPG
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/25/USAT/
2 KB
3 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/25/USAT/74550945007-xxx-2024-summer-travel-th-1387.JPG?crop=2291,2290,x382,y0&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
10debe8fbccf31bc8f73d11df7bea56a81e85c76474e11bddd11859327a6b465
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010227
age
35889
x-cache
MISS, HIT, MISS, MISS
fastly-stats
io=1
content-length
2276
server
nginx/1.26.1
etag
"Fcz7nAgRpyNH7WEMHnwyDbIowNA1X2fgDgcGO1EIWkw"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
74582218007-20230426-t-003202-z-1667813184-rc-2-cl-0-aojl-3-y-rtrmadp-3-usaabortionharris.JPG
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/28/USAT/
4 KB
4 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/28/USAT/74582218007-20230426-t-003202-z-1667813184-rc-2-cl-0-aojl-3-y-rtrmadp-3-usaabortionharris.JPG?crop=6813,3833,x0,y454&width=210&height=118&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
a886481ebdec5dbd336a75ae7855c7c17c5ae80867f493f477a1f536bef9fa80
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010226
age
94571
x-cache
MISS, HIT, MISS, MISS
fastly-stats
io=1
content-length
3980
server
nginx/1.26.1
etag
"04oE2JcKmNH6q7mQIpEOIt3rmqQf6Aix6t84Y0pjoQo"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
p1.parsely.com/plogger/
43 B
258 B
Image
General
Full URL
https://p1.parsely.com/plogger/?rand=1722339158138&plid=6fb84e91-6e83-48e5-84ea-dd044df9faca&idsite=genericconfigfree&url=https%3A%2F%2F168.firano2.fun%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22sevenDayReturn%22%3Afalse%7D&tagManager=gciAnalytics%3Aprod%3A0.348.0%3AUSAT-TEALIUM-TANGENT&sid=1&surl=https%3A%2F%2F168.firano2.fun%2F&sref=&sts=1722339157976&slts=0&title=USA+TODAY+-+Breaking+News+and+Latest+News+Today&date=Tue+Jul+30+2024+13%3A32%3A38+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&action=pageview&metadata=%7B%22title%22%3A%22Home%22%2C%22authors%22%3A%5B%5D%2C%22link%22%3A%22https%3A%2F%2Fwww.usatoday.com%2F%22%2C%22isAccessibleForFree%22%3A%22true%22%2C%22isPartOf%22%3A%7B%22%40type%22%3A%5B%22CreativeWork%22%2C%22Product%22%5D%2C%22name%22%3A%22USA+TODAY+-+Unlimited+Digital+Access%22%2C%22productID%22%3A%22usatoday.com%3Astandard%22%7D%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22USA+TODAY%22%2C%22logo%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fsitelogos%2Fm-oc.svg%22%7D%2C%22tags%22%3A%5B%22type%3Afront%22%2C%22ssts%3Ahome%22%5D%2C%22page_type%22%3A%22index%22%7D&pageDomain=168.firano2.fun&urlRef=https%3A%2F%2F168.firano2.fun%2F&js=1&pvid=1f478797-475b-4b5f-a5e2-fb1f598a8186&u=pid%3D42a917dc-aedd-4012-9caf-8a2c01bd7459
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 11:32:38 GMT
Cache-Control
no-cache
Last-Modified
Tuesday, 30-Jul-2024 11:32:38 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 30 Jul 2024 11:32:38 GMT
cache-control
no-store
server
nginx
917aceb5-8843-4838-af1e-9b3e6b34559f-trk.js
wt.rqtrk.eu/
10 KB
5 KB
Script
General
Full URL
https://wt.rqtrk.eu/917aceb5-8843-4838-af1e-9b3e6b34559f-trk.js
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.129.18.121 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy-eu-015.roqad.pl
Software
istio-envoy /
Resource Hash
474552300a96cbed0d37079d6356a4f2cfe8eefe9d7dc057b9b529f3621ec134

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:38 GMT
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA53-C1
age
50808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
0
last-modified
Thu, 14 Mar 2024 14:30:47 GMT
server
istio-envoy
etag
W/"b68eebcd3d8f4fca1c690239099e1938"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400,public
x-amz-cf-id
SQRC5yCWpIDFefpAE08HvMsCu2ShWZ_lMY8nyxGgBwucbix0qO4Ulg==
expires
Wed, 31 Jul 2024 11:32:38 GMT
bulk
trc.taboola.com/usatodaydemo/log/3/
0
78 B
Ping
General
Full URL
https://trc.taboola.com/usatodaydemo/log/3/bulk?route=AM%3AAM%3AV&lti=trecs&tvi2=18260&tvi50=9058&tvi61=17312&tvi62=14386&cv=20240728-4-RELEASE&bulkSize=4
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
date
Tue, 30 Jul 2024 11:32:38 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7294
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220157-FRA
pragma
no-cache
server
nginx
x-timer
S1722339158.447043,VS0,VE10
content-type
image/gif
access-control-allow-origin
https://168.firano2.fun
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
visible
trc.taboola.com/usatodaydemo/log/3/
0
54 B
XHR
General
Full URL
https://trc.taboola.com/usatodaydemo/log/3/visible?route=AM%3AAM%3AV&lti=trecs&tvi2=18260&tvi50=9058&tvi61=17312&tvi62=14386&cv=20240728-4-RELEASE
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Tue, 30 Jul 2024 11:32:38 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7605
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220157-FRA
pragma
no-cache
server
nginx
x-timer
S1722339158.484904,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://168.firano2.fun
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
wt.rqtrk.eu/
43 B
196 B
Image
General
Full URL
https://wt.rqtrk.eu/?pid=917aceb5-8843-4838-af1e-9b3e6b34559f&url=https%3A%2F%2F168.firano2.fun%2F&cb=172233915850059&uid=6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4&gdpr=1&gdpr_consent=null&src=www&type=100&gdpr_pd=0&sid=0
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.129.18.121 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy-eu-015.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 11:32:38 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
3
content-length
43
expires
Tue, 30 Jul 2024 11:32:37 GMT
json
hp.taboola.com/usatodaydemo/trc/3/
25 KB
7 KB
XHR
General
Full URL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f2503e7f5a8524d12329e0716b9195641b648c0ac00db725f3cb297faaa9afb9

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
343
date
Tue, 30 Jul 2024 11:32:38 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.034
x-fastly-to-nlb-rtt
7404
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220090-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1722339159.625887,VS0,VE343
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://168.firano2.fun
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
74509067007-headline-card-bottom-2.png
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/23/USAT/
5 KB
5 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/23/USAT/74509067007-headline-card-bottom-2.png?crop=1919,1079,x0,y0&width=210&height=118&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
1f9cde5574b22f526311d8b8e8a7858f55647fd869d799d0752c705de2e833e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010217
age
600754
x-cache
MISS, HIT, MISS, MISS
fastly-stats
io=1
content-length
4754
server
nginx/1.26.1
etag
"9ODgoACa4t8f9BfC/KtiuEq008s/PrqlydRKw3d62n0"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
74590866007-usatsi-23807417.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/
8 KB
8 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/74590866007-usatsi-23807417.jpg?crop=3664,2060,x148,y0&width=210&height=118&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
d86d722eb900b21cbafcd3cb36aed43b5f9aec7afa0c9fcfdcd7e9efa522cd54
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010246
age
63311
x-cache
MISS, HIT, HIT, MISS
fastly-stats
io=1
content-length
8122
server
nginx/1.26.1
etag
"C9666Ci2CW1IhYEs+G9LntVLWy+F3RFJNYOHwpGPEdI"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
74590713007-gty-2163845769.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/
9 KB
9 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/29/USAT/74590713007-gty-2163845769.jpg?crop=3284,1847,x1335,y1727&width=210&height=118&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
1fb85be1efeb468f18bd71852c217f4f50bca86a5baf9dce59a7428bd496f199
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010250
age
5268
x-cache
MISS, HIT, MISS, MISS
fastly-stats
io=1
content-length
9034
server
nginx/1.26.1
etag
"mzhpBAHsiAp6rT83oiszQvD/SLicz5m6y61MuXt4KZw"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc.taboola.com/1168/log/3/
0
264 B
XHR
General
Full URL
https://trc.taboola.com/1168/log/3/unip?en=pre_d_eng_tb&tos=1657&scd=0&ssd=1&est=1722339157240&ver=36&isls=true&src=i&invt=1500&msa=8051&tim=1722339158898&mrir=u&vi=1722339156455&ref=null&cv=20240729-22-RELEASE&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1168/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Tue, 30 Jul 2024 11:32:39 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7492
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220157-FRA
pragma
no-cache
server
nginx
x-timer
S1722339159.038825,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://168.firano2.fun
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
unip
trc.taboola.com/1168/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc.taboola.com/1168/log/3/unip?en=pre_d_eng_tb&tos=1657&scd=0&ssd=1&est=1722339157240&ver=36&isls=true&src=i&invt=1500&msa=8051&tim=1722339158898&mrir=u&vi=1722339156455&ref=null&cv=20240729-22-RELEASE&it=JS_PIXEL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://168.firano2.fun
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://168.firano2.fun
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 30 Jul 2024 11:32:38 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-to-nlb-rtt
7588
x-served-by
cache-fra-etou8220049-FRA
x-service-version
v1
x-timer
S1722339159.980155,VS0,VE9
x-vcl-time-ms
9
bulk
trc.taboola.com/usatodaydemo/log/3/
0
77 B
Ping
General
Full URL
https://trc.taboola.com/usatodaydemo/log/3/bulk?route=AM%3AAM%3AV&lti=trecs&tvi2=18260&tvi50=9058&tvi61=17312&tvi62=14386&cv=20240728-4-RELEASE&bulkSize=3
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Tue, 30 Jul 2024 11:32:39 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7374
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220157-FRA
pragma
no-cache
server
nginx
x-timer
S1722339159.034423,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://168.firano2.fun
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
json
hp.taboola.com/usatodaydemo/trc/3/
17 KB
5 KB
XHR
General
Full URL
https://hp.taboola.com/usatodaydemo/trc/3/json?llvl=2&tim=13%3A32%3A39.036&lti=trecs&pubit=i&t=1&data=%7B%22id%22%3A%2229842%22%2C%22sd%22%3A%22v2_1642e3958bb068189059c607fc609325_6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4_1722339156_1722339158_CIi3jgYQkAkY58Onm5AyIAEoATA4OJvjCUCIihBI0bzZA1D___________8BWABgAGiQp9OKwPz81E9wAA%22%2C%22ui%22%3A%226b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4%22%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22vi%22%3A1722339156455%2C%22cv%22%3A%2220240728-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.usatoday.com%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2F168.firano2.fun%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9438%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20Politics%20Bundle%22%2C%22orig_uip%22%3A%22HP%20Politics%20Bundle%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20Tech%20Bundle%22%2C%22orig_uip%22%3A%22HP%20Tech%20Bundle%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20Top%20Table%22%2C%22orig_uip%22%3A%22HP%20Top%20Table%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20NFL%20Bundle%22%2C%22orig_uip%22%3A%22HP%20NFL%20Bundle%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%7D%5D%2C%22pev%22%3A%2213309%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHP%20NFL%20Bundle%3Dorganic-hp-swap-mode%3Aabp%3D0%2CHP%20Politics%20Bundle%3Dorganic-hp-swap-mode%3Aabp%3D0%2CHP%20Tech%20Bundle%3Dorganic-hp-swap-mode%3Aabp%3D0%2CHP%20Top%20Table%3Dorganic-hp-swap-mode%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_5%22%2C%22lbt%22%3A1722326626249%2C%22uifp%22%3A%226b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4%22%2C%22wc%22%3Atrue%2C%22ex%22%3A%5B%22%2Fstory%2Fsports%2Folympics%2F2024%2F07%2F30%2Fparis-olympics-live-updates-results%2F74190687007%2F%22%2C%22%2Fstory%2Fentertainment%2Fcelebrities%2F2024%2F07%2F30%2Ftaylor-swift-uk-mass-stabbing-statement%2F74598487007%2F%22%2C%22%2Fstory%2Fnews%2Fpolitics%2Felections%2F2024%2F07%2F30%2Finflation-not-slowing-summer-travel%2F74471975007%2F%22%2C%22%2Fstory%2Fnews%2Fpolitics%2Felections%2F2024%2F07%2F30%2Fohio-voter-id-law-disenfranchised%2F74169004007%2F%22%2C%22%2Fstory%2Fnews%2Finvestigations%2F2024%2F07%2F17%2Fthomas-matthew-crooks-trump-assassination-plot-execution%2F74438320007%2F%22%2C%22%2Fstory%2Fnews%2Finvestigations%2F2024%2F07%2F16%2Ftrump-shooting-assassination-gun-details%2F74425138007%2F%22%2C%22%2Fstory%2Fnews%2Finvestigations%2F2024%2F06%2F21%2Fclaudia-gomez-shooting-border-patrol-texas-rangers-investigation%2F74071719007%2F%22%2C%22%2Fstory%2Fnews%2Finvestigations%2F2024%2F05%2F22%2Fmexican-cartels-supplied-trafficked-guns-from-us%2F73700258007%2F%22%2C%22%2Fstory%2Ftech%2Fproblemsolved%2F2024%2F07%2F30%2Fdinner-ideas-near-me-tech-helps%2F74431391007%2F%22%2C%22%2Fstory%2Flife%2Fanimalkind%2F2024%2F07%2F29%2Ftaquito-bird-amarillo-texas%2F74591198007%2F%22%2C%22%2Fstory%2Fnews%2Fnation%2F2024%2F07%2F29%2Fcobb-county-georgia-well-rescue%2F74587400007%2F%22%2C%22%2Fstory%2Fsports%2Fsportskind%2F2024%2F07%2F29%2Fwatch-these-seniors-bring-the-olympic-spirit-to-a-mock-olympic-games%2F74560902007%2F%22%2C%22%2Fpicture-gallery%2Fsports%2Folympics%2F2024%2F07%2F24%2Fbest-photos-from-the-2024-paris-olympic-games%2F74532813007%2F%22%2C%22%2Fpicture-gallery%2Fentertainment%2Fcelebrities%2F2024%2F07%2F26%2F2024-paris-summer-olympics-celebrity-pictures%2F74560892007%2F%22%2C%22%2Fpicture-gallery%2Fsports%2Folympics%2F2024%2F07%2F27%2Fsurfs-up-best-photos-from-tahiti-during-paris-olympics%2F74574692007%2F%22%5D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cb09e4ba933f99216327d49b3a04b6abda77d1c4eb8744d5fb02ed0600c6944c

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
356
date
Tue, 30 Jul 2024 11:32:39 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.8154166666666667
x-fastly-to-nlb-rtt
7360
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220090-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1722339159.074026,VS0,VE356
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://168.firano2.fun
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
74580167007-jessica-springsteengown.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/28/PAPP/
3 KB
3 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/28/PAPP/74580167007-jessica-springsteengown.jpg?crop=1023,576,x0,y53&width=210&height=118&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
146f5b587ca5fed2c1a456f073fd1d572e4890ecd5028c6702f6875e69586f9c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:39 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010249
age
143719
x-cache
MISS, HIT, MISS, MISS
fastly-stats
io=1
content-length
2940
server
nginx/1.26.1
etag
"hX4MeCwFWIg64PXIHvKZ1U/2MfFOjrEe/aGALF1qHl4"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
247WallSt.com-247WS-833515-imageForEntry2-wOq.jpg
168.firano2.fun/gcdn/media/2021/01/26/USATODAY/usatsports/
4 KB
5 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/media/2021/01/26/USATODAY/usatsports/247WallSt.com-247WS-833515-imageForEntry2-wOq.jpg?crop=1365,768,x0,y0&width=210&height=118&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
ff316f09adb23eaf1706954c9cde6e17fca0ac1af3ad99f3874842573ccd552d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:39 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010248
age
869429
x-cache
MISS, HIT, HIT, MISS
fastly-stats
io=1
content-length
4088
server
nginx/1.26.1
etag
"7JNjX2Ledf8k/4H+wv8of46M9TzztFuv+FYMkFQ1knY"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
74544494007-trumpspeech.jpg
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/25/USAT/
3 KB
4 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/25/USAT/74544494007-trumpspeech.jpg?crop=8246,4638,x0,y421&width=210&height=118&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
d3b0a9bb7b5774846ea52edd74fd64033003e0a7563873572246270879628fd4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:39 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010248
age
353965
x-cache
MISS, HIT, HIT, MISS
fastly-stats
io=1
content-length
3432
server
nginx/1.26.1
etag
"7CSn26MPugM2T+nfuEmdv6fgUDs1b5tz1WnvVlEHXyQ"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
74519766007-img-3179.jpeg
168.firano2.fun/gcdn/authoring/authoring-images/2024/07/23/USAT/
5 KB
6 KB
Image
General
Full URL
https://168.firano2.fun/gcdn/authoring/authoring-images/2024/07/23/USAT/74519766007-img-3179.jpeg?crop=2015,1135,x0,y188&width=210&height=118&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
b05e97e590f0dd85df5c281b2a306667bbca45249a4ef34ce051f4e95005541d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:39 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010216
age
534564
x-cache
MISS, HIT, HIT, MISS
fastly-stats
io=1
content-length
5556
server
nginx/1.26.1
etag
"OdfRY2MFhs40oY/xYu1m51bZhcdqQZX0VxHrgbVEsa4"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
visible
trc.taboola.com/usatodaydemo/log/3/
0
95 B
XHR
General
Full URL
https://trc.taboola.com/usatodaydemo/log/3/visible?route=AM%3AAM%3AV&lti=trecs&tvi2=18260&tvi50=9058&tvi61=17312&tvi62=14386&cv=20240728-4-RELEASE
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Tue, 30 Jul 2024 11:32:39 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7602
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220157-FRA
pragma
no-cache
server
nginx
x-timer
S1722339159.181356,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://168.firano2.fun
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
a-01aa
i.liadm.com/s/c/ Frame 2E24
0
0
Document
General
Full URL
https://i.liadm.com/s/c/a-01aa?duid=96506546ef5a--01j41pksey5xd4atj0bh7z3rpy&euns=0&s=&version=v2.14.3&cd=.firano2.fun
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01aa.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.160.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-160-227.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://168.firano2.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
650
Content-Type
text/html; charset=UTF-8
Date
Tue, 30 Jul 2024 11:32:39 GMT
Request-Time
13
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
bulk
trc.taboola.com/usatodaydemo/log/3/
0
72 B
Ping
General
Full URL
https://trc.taboola.com/usatodaydemo/log/3/bulk?route=AM%3AAM%3AV&lti=trecs&tvi2=18260&tvi50=9058&tvi61=17312&tvi62=14386&cv=20240728-4-RELEASE&bulkSize=4
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Tue, 30 Jul 2024 11:32:39 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7613
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220157-FRA
pragma
no-cache
server
nginx
x-timer
S1722339160.711123,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://168.firano2.fun
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
client-logs
reporting-api.gannettinnovation.com/
0
0
Fetch
General
Full URL
https://reporting-api.gannettinnovation.com/client-logs
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/tangstatic/js/main-q1a2z32cba5447.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

debug
am-trc-events.taboola.com/usatodaydemo/log/2/
0
128 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/2/debug?type=warn&msg=Placements%20With%20no%20Content%3A%20HP%20Top%20Table&lt=trecs&tvi2=18260&tvi50=9058&tvi61=17312&tvi62=14386&tim=13%3A32%3A39.691&id=32870&cv=20240728-4-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
date
Tue, 30 Jul 2024 11:32:39 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
49370
json
hp.taboola.com/usatodaydemo/trc/3/
2 KB
1 KB
XHR
General
Full URL
https://hp.taboola.com/usatodaydemo/trc/3/json?llvl=2&tim=13%3A32%3A39.695&lti=trecs&pubit=i&t=1&data=%7B%22id%22%3A%2239013%22%2C%22sd%22%3A%22v2_1642e3958bb068189059c607fc609325_6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4_1722339156_1722339159_CIi3jgYQkAkY58Onm5AyIAEoATA4OJvjCUCIihBI0bzZA1D___________8BWABgAGiQp9OKwPz81E9wAA%22%2C%22ui%22%3A%226b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4%22%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22vi%22%3A1722339156455%2C%22cv%22%3A%2220240728-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.usatoday.com%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2F168.firano2.fun%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9438%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20For%20Subscribers%20Bundle%22%2C%22orig_uip%22%3A%22HP%20For%20Subscribers%20Bundle%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20Sports%22%2C%22orig_uip%22%3A%22HP%20Sports%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%7D%5D%2C%22pev%22%3A%2213309%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHP%20For%20Subscribers%20Bundle%3Dorganic-hp-swap-mode%3Aabp%3D0%2CHP%20Sports%3Dorganic-hp-swap-mode%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_6%22%2C%22lbt%22%3A1722326626249%2C%22uifp%22%3A%226b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4%22%2C%22wc%22%3Atrue%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d708bfda3c7099ddaff2776939c4f133edff6f4038d0954c19d89b487fdca499

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
68
date
Tue, 30 Jul 2024 11:32:39 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.02725
x-fastly-to-nlb-rtt
7426
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220090-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1722339160.751436,VS0,VE68
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://168.firano2.fun
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
74596303007-trump-agenda-47.jpg
www.usatoday.com/gcdn/authoring/authoring-images/2024/07/29/USAT/
2 KB
2 KB
Image
General
Full URL
https://www.usatoday.com/gcdn/authoring/authoring-images/2024/07/29/USAT/74596303007-trump-agenda-47.jpg?crop=smart&fit=crop&width=210&height=118&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f4a1b626bfd77d51638f5e3531b18bc381eaaad2bd87e750185ddf2e0f585ed3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:39 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
img03-us-east4
age
41916
x-cache
MISS, HIT, MISS, MISS
fastly-stats
io=1
content-length
1630
etag
"ZwlHVQI9lH8AICYvwzozS8LzNHc6sbzZR8tPZddYwFI"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
74528332007.jpg
www.usatoday.com/gcdn/authoring/videos/videoelephant/thumbnails/
3 KB
3 KB
Image
General
Full URL
https://www.usatoday.com/gcdn/authoring/videos/videoelephant/thumbnails/74528332007.jpg?crop=smart&fit=crop&width=210&height=118&format=pjpg&auto=webp
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a1f9feac24077cc11d4f5dccf0fd09d63a8076f7e47af6dbeaed16d130e549a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:39 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010230
age
332944
x-cache
MISS, HIT, MISS, MISS
fastly-stats
io=1
content-length
2830
etag
"VcTIwnXQQ9b6MqZlZuTPpw2Eqh86RBkrfizrhGu6MAk"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/usatodaydemo/log/2/
0
128 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/2/debug?type=warn&msg=Placements%20With%20no%20Content%3A%20HP%20For%20Subscribers%20Bundle%2C%20HP%20Sports&lt=trecs&tvi2=18260&tvi50=9058&tvi61=17312&tvi62=14386&tim=13%3A32%3A39.892&id=39537&cv=20240728-4-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
date
Tue, 30 Jul 2024 11:32:39 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
52787
json
trc.taboola.com/usatodaydemo/trc/3/
40 KB
13 KB
XHR
General
Full URL
https://trc.taboola.com/usatodaydemo/trc/3/json?llvl=2&tim=13%3A32%3A39.900&lti=trecs&pubit=i&t=1&data=%7B%22id%22%3A%2282434%22%2C%22sd%22%3A%22v2_1642e3958bb068189059c607fc609325_6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4_1722339156_1722339159_CIi3jgYQkAkY58Onm5AyIAEoATA4OJvjCUCIihBI0bzZA1D___________8BWABgAGiQp9OKwPz81E9wAA%22%2C%22ui%22%3A%226b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4%22%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22vi%22%3A1722339156455%2C%22cv%22%3A%2220240728-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.usatoday.com%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2F168.firano2.fun%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9438%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22Homepage%20Feed%20-%20Feed%20Redesign%22%2C%22orig_uip%22%3A%22Homepage%20Feed%20-%20Feed%20Redesign%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-s%3Aabp%3D0%22%2C%22cd%22%3A7794.25%2C%22mw%22%3A660%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22Homepage%20Right%20Rail%20-%20Redesign%22%2C%22orig_uip%22%3A%22Homepage%20Right%20Rail%20-%20Redesign%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-rr-02%3Aabp%3D0%22%2C%22cd%22%3A2065%2C%22mw%22%3A300%7D%5D%2C%22pev%22%3A%2213309%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHomepage%20Feed%20-%20Feed%20Redesign%3Dthumbnails-s%3Aabp%3D0%2CHomepage%20Right%20Rail%20-%20Redesign%3Dthumbnails-rr-02%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_7%22%2C%22lbt%22%3A1722326626249%2C%22uifp%22%3A%226b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4%22%2C%22wc%22%3Atrue%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c3837fe520f9d883bc44842861cb484ac82aa1a752817de6dd1d1e490f5768af

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
452
date
Tue, 30 Jul 2024 11:32:40 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.9504166666666666
x-fastly-to-nlb-rtt
7652
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220157-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1722339160.955428,VS0,VE452
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://168.firano2.fun
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
bulk
trc.taboola.com/usatodaydemo/log/3/
0
77 B
Ping
General
Full URL
https://trc.taboola.com/usatodaydemo/log/3/bulk?route=AM%3AAM%3AV&lti=trecs&tvi2=18260&tvi50=9058&tvi61=17312&tvi62=14386&cv=20240728-4-RELEASE&bulkSize=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Tue, 30 Jul 2024 11:32:40 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7378
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220157-FRA
pragma
no-cache
server
nginx
x-timer
S1722339160.086484,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://168.firano2.fun
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
feed-card-placeholder.20240728-4-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20240728-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
138323a31dec6019f86f7994b73977daf11c8093221375f8bd5fa34cf26aad84

Request headers

Referer
https://168.firano2.fun/
Origin
https://168.firano2.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
oTKPJH9Latkul.6On4f_5YmKHTi.qiZ6
content-encoding
gzip
via
1.1 varnish
date
Tue, 30 Jul 2024 11:32:40 GMT
x-amz-request-id
12PGMARMS8NVN37N
age
86082
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
UjEASUUUfhUiNxDMOhMP/WO7xkwMMD0OYHiy1ws3HUfC29ShPx2jLTA44tiXJT0pevm3T6kyaZA=
x-served-by
cache-fra-etou8220114-FRA
last-modified
Mon, 29 Jul 2024 11:37:59 GMT
server
AmazonS3
x-timer
S1722339161.517918,VS0,VE0
etag
"69ff0583a1a2aa6276453e6736677b08"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
36
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
55702
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/
4 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Tue, 30 Jul 2024 11:32:40 GMT
x-amz-request-id
PK1APZAGH8YHJZ46
age
47
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
dz3aS3X54kiVsaumQy86kUbkm+UMsOElzXnOZsQMkJJODY4a7WuEEkLnyg1Q1nj0pDZ6LKrEnVY=
x-served-by
cache-fra-etou8220157-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1722339161.541844,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
81
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
33
userx.20240728-4-RELEASE.es6.js
cdn.taboola.com/libtrc/
18 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20240728-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
323d0dd7c28132fc0c4b502824ebe3bc36d034f67be2f7770d2dc09ba8fd372b

Request headers

Referer
https://168.firano2.fun/
Origin
https://168.firano2.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
eI3KF2Jv6Q38bxVKA5YTa36o.yctL0In
content-encoding
gzip
via
1.1 varnish
date
Tue, 30 Jul 2024 11:32:40 GMT
x-amz-request-id
6WX9SMT3B1FHX0KR
age
86035
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5569
x-amz-id-2
wtYedz85XT9lchZCEMjpoJ1adFnoJQYjT+fpKxk2sCkxU29zhWuFMK9qG0VHAElMTzAEspYbiYU=
x-served-by
cache-fra-etou8220114-FRA
last-modified
Mon, 29 Jul 2024 11:38:46 GMT
server
AmazonS3
x-timer
S1722339161.574082,VS0,VE0
etag
"bb6a447900669808ed58903ab381eaf9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
77
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
14433
distance-from-article.20240728-4-RELEASE.es6.js
cdn.taboola.com/libtrc/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20240728-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc57e14f36754044a7dcc045f0788dddef016f0cc9331ca8dad3e52e787c65d5

Request headers

Referer
https://168.firano2.fun/
Origin
https://168.firano2.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
OnQiksyRK5gN.Tx60EydCNbeWYQVX8h2
content-encoding
gzip
via
1.1 varnish
date
Tue, 30 Jul 2024 11:32:40 GMT
x-amz-request-id
7977100PDS2ACZKA
age
86090
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1523
x-amz-id-2
az7KmE2WYM/tRKuFJHbJ4MBIvzTQOJBFOZOYA5yjqcuIeAA0JaGu+Xc1PIyh0ibzim8vDo9No0E=
x-served-by
cache-fra-etou8220114-FRA
last-modified
Mon, 29 Jul 2024 11:37:51 GMT
server
AmazonS3
x-timer
S1722339161.574706,VS0,VE0
etag
"989324d1d34c1712977894a3007068f1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
59
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
57893
article-detection.20240728-4-RELEASE.es6.js
cdn.taboola.com/libtrc/
3 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/article-detection.20240728-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0354b17e9fd66d5502fe730aef94e80464f6b5d331cdd78d7424f895c9436a40

Request headers

Referer
https://168.firano2.fun/
Origin
https://168.firano2.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
8bCIj2JgBsRZKnW278EclH2DfFmRkcVa
content-encoding
gzip
via
1.1 varnish
date
Tue, 30 Jul 2024 11:32:40 GMT
x-amz-request-id
YXYZ6X71RMQ0S5WF
age
86102
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1292
x-amz-id-2
G/q4Z2eIBzDA7O2R8u3SPapYtRgUeSK9TN28gq1Yw5ym73wSjFoson/LsFK1Kjm/DVQV2dX49/4=
x-served-by
cache-fra-etou8220114-FRA
last-modified
Mon, 29 Jul 2024 11:37:39 GMT
server
AmazonS3
x-timer
S1722339161.574363,VS0,VE0
etag
"30a9134e46f3fe8722c5997d518329ae"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
27
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
57863
metrics
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
dc0a5fa856b2b8d9c4714705a98ea5bf.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1116%2Cx_0%2Cy_0/c_fill%2Cw_400%2Ch_223/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
16 KB
17 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1116%2Cx_0%2Cy_0/c_fill%2Cw_400%2Ch_223/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc0a5fa856b2b8d9c4714705a98ea5bf.jpg
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9c26bc75108230b3252f1cd34578e2fd0191b857f8749f7aac3d41634c96dcdb

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 30 Jul 2024 11:32:40 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1116%2Cx_0%2Cy_0/c_fill%2Cw_400%2Ch_223/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc0a5fa856b2b8d9c4714705a98ea5bf.jpg
age
945247
edge-cache-tag
369290803199696796385305603212204618204,312269660274188141035148244878899041443,29ecf9b93bbf306179626feeda1fab70
cache-tag
369290803199696796385305603212204618204,312269660274188141035148244878899041443,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
576
req-referer
https://www.kicker.de/
content-length
15946
x-request-id
a34c48da0d6456b0b1f148d5cbb22ee1
x-served-by
cache-iad-kiad7000168-IAD, cache-iad-kiad7000168-IAD, cache-lga21960-LGA, cache-iad-kcgs7200038-IAD, cache-fra-etou8220157-FRA
x-orig-request-id
3e28a65185ce269ad9b68bd0272111d5
last-modified
Wed, 03 Jul 2024 13:06:26 GMT
server
nginx
surrogate-reporting
width=400,height=223,bytes=19983,owidth=1200,oheight=628,obytes=134741,ef=(1,13,17,23,30)
x-timer
S1722339161.796185,VS0,VE0
etag
"2793106c07ee13aea5ca6c76be729ab1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 9, 2
fd4c394f562ec6ed27f337d2304d6bf9.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_612%2Cx_0%2Cy_30/c_fill%2Cw_400%2Ch_223/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
14 KB
15 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_612%2Cx_0%2Cy_30/c_fill%2Cw_400%2Ch_223/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fd4c394f562ec6ed27f337d2304d6bf9.jpg
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fe909ce51407195e3de74c0c1f54e551f9d2f130d62a56d4082ff412b15258d4

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 30 Jul 2024 11:32:40 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_612%2Cx_0%2Cy_30/c_fill%2Cw_400%2Ch_223/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fd4c394f562ec6ed27f337d2304d6bf9.jpg
age
306129
edge-cache-tag
395600920218883893890527780641506489125,542629780859112427920478966450646959999,29ecf9b93bbf306179626feeda1fab70
cache-tag
395600920218883893890527780641506489125,542629780859112427920478966450646959999,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
335
req-referer
https://cdn.taboola.com/
content-length
14716
x-request-id
4cdf7a7f5ecca7b46ff17d9505096486
x-served-by
cache-iad-kcgs7200094-IAD, cache-iad-kcgs7200094-IAD, cache-lga21959-LGA, cache-iad-kjyo7100060-IAD, cache-fra-etou8220157-FRA
x-orig-request-id
afd3797eda75a4b28bfb97d4d4b6341c
last-modified
Fri, 26 Jul 2024 15:54:00 GMT
server
nginx
surrogate-reporting
width=400,height=223,bytes=19151,owidth=612,oheight=408,obytes=47952,ef=(1,13,17,23,30)
x-timer
S1722339161.796194,VS0,VE1
etag
"c0620db4cb5d709999dca6cfe2a9d8a4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 0
49b9bf5fd608673a9a32904ca3c980a0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
22 KB
23 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49b9bf5fd608673a9a32904ca3c980a0.jpg
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b86fe4efe704d6b995ff9b5c0d66019d1991dce6637b44e3a476f89f3aabbcba

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 30 Jul 2024 11:32:40 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49b9bf5fd608673a9a32904ca3c980a0.jpg
age
2253509
edge-cache-tag
521397645278227902548400539763665615784,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
cache-tag
521397645278227902548400539763665615784,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
298
req-referer
https://www.mopo.de/
content-length
22402
x-request-id
5db09fcfa8bd1e933390856f83cf4172
x-served-by
cache-iad-kiad7000097-IAD, cache-iad-kiad7000027-IAD, cache-lga21934-LGA, cache-iad-kiad7000057-IAD, cache-fra-etou8220157-FRA
last-modified
Thu, 08 Feb 2024 09:07:13 GMT
server
nginx
surrogate-reporting
width=400,height=223,bytes=29443,owidth=1067,oheight=600,obytes=571030,ef=(1,13,17,23,30)
x-timer
S1722339161.797047,VS0,VE1
etag
"ad1c6f4b144cae47bcd00fcaa15a1557"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 19, 0
7ea40e5bde15759afa32de297ccee5e3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
19 KB
20 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7ea40e5bde15759afa32de297ccee5e3.png
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e73e00d8d089257bfedf402c635cd708b07d1eeeb9c349038f8dc281c83cbe2c

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 30 Jul 2024 11:32:40 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7ea40e5bde15759afa32de297ccee5e3.png
age
3008284
edge-cache-tag
619579981764559243798476571692719475688,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
cache-tag
619579981764559243798476571692719475688,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
503
req-referer
https://www.schwaebische.de/
content-length
19656
x-request-id
69996818864d29edd02fd09df5c615f9
x-served-by
cache-iad-kiad7000057-IAD, cache-iad-kcgs7200126-IAD, cache-ewr18130-EWR, cache-iad-kcgs7200057-IAD, cache-fra-etou8220157-FRA
last-modified
Tue, 28 May 2024 03:50:02 GMT
server
nginx
surrogate-reporting
width=400,height=223,bytes=31392,owidth=1067,oheight=600,obytes=1201172,ef=(1,13,17,23,30)
x-timer
S1722339161.797021,VS0,VE0
etag
"81c487cf1055f3239a3d8ea049e786cd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 2
Kipling_7.21.24.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//reviewed-com-res.cloudinary.com/image/fetch/s--qbYm6U6---/b_white%2Cc_limit%2Ccs_...
14 KB
15 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//reviewed-com-res.cloudinary.com/image/fetch/s--qbYm6U6---/b_white%2Cc_limit%2Ccs_srgb%2Cf_auto%2Cfl_progressive.strip_profile%2Cg_center%2Cq_auto%2Cw_1200/https%3A//reviewed-production.s3.amazonaws.com/1721582833660/Kipling_7.21.24.png
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1cb5a69794f5bd7dac06947c9d5b065dae84fb0e34f9863d3b82f750a10982ba

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 30 Jul 2024 11:32:40 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//reviewed-com-res.cloudinary.com/image/fetch/s--qbYm6U6---/b_white%2Cc_limit%2Ccs_srgb%2Cf_auto%2Cfl_progressive.strip_profile%2Cg_center%2Cq_auto%2Cw_1200/https%3A//reviewed-production.s3.amazonaws.com/1721582833660/Kipling_7.21.24.png
age
590981
edge-cache-tag
616673498912242736733217654327479085309,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
616673498912242736733217654327479085309,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
511
req-referer
https://www.dispatch.com/
content-length
14584
x-request-id
6fe43680873aa0f04c4266070f867180
x-served-by
cache-iad-kcgs7200156-IAD, cache-iad-kcgs7200156-IAD, cache-lga21982-LGA, cache-iad-kcgs7200060-IAD, cache-fra-etou8220157-FRA
x-orig-request-id
b7e9318a6e81352df318f2a22d95a034
last-modified
Tue, 23 Jul 2024 15:21:28 GMT
server
nginx
surrogate-reporting
width=1200,height=666,bytes=84864,owidth=1200,oheight=675,obytes=90923,ef=(1,13,17,23,30)
x-timer
S1722339161.797038,VS0,VE1
etag
"5120fb02427a9f10684347f07a0c12f6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 175, 1
TheraBreath_Hero_7-22-24.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//reviewed-com-res.cloudinary.com/image/fetch/s--1XcMYQII--/b_white%2Cc_limit%2Ccs_...
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//reviewed-com-res.cloudinary.com/image/fetch/s--1XcMYQII--/b_white%2Cc_limit%2Ccs_srgb%2Cf_auto%2Cfl_progressive.strip_profile%2Cg_center%2Cq_auto%2Cw_1200/https%3A//reviewed-production.s3.amazonaws.com/1721671402162/TheraBreath_Hero_7-22-24.png
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ded26b6f9fad942d4fa5e5e48607bb2a7c0e00491fbd3f05657f25818d6cd69e

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 30 Jul 2024 11:32:40 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//reviewed-com-res.cloudinary.com/image/fetch/s--1XcMYQII--/b_white%2Cc_limit%2Ccs_srgb%2Cf_auto%2Cfl_progressive.strip_profile%2Cg_center%2Cq_auto%2Cw_1200/https%3A//reviewed-production.s3.amazonaws.com/1721671402162/TheraBreath_Hero_7-22-24.png
age
595869
edge-cache-tag
437065466383863342153728507210833206378,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
437065466383863342153728507210833206378,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
500
req-referer
https://www.jsonline.com/
content-length
9002
x-request-id
98632ecc32952fe864e491a4ecf07cb5
x-served-by
cache-iad-kcgs7200125-IAD, cache-iad-kcgs7200125-IAD, cache-bur-kbur8200121-BUR, cache-iad-kiad7000170-IAD, cache-fra-etou8220157-FRA
x-orig-request-id
71613b58099871670f3c041d363a06cb
last-modified
Tue, 23 Jul 2024 13:59:48 GMT
server
nginx
surrogate-reporting
width=1200,height=666,bytes=48248,owidth=1200,oheight=675,obytes=55796,ef=(1,13,17,23,30)
x-timer
S1722339161.796201,VS0,VE0
etag
"80c7412d50b7e088ea4d08fa114e2014"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 98, 3
GettyImages-dv1474023-scaled-e1700031299669.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/money/blueprint/images/uploads/2023/11/15025409/
13 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/money/blueprint/images/uploads/2023/11/15025409/GettyImages-dv1474023-scaled-e1700031299669.jpg
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f4373f8a04126162fa9aeb0941890a2375a1c21398f0873406ad64ca93cae5b8

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 30 Jul 2024 11:32:40 GMT
via
1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/money/blueprint/images/uploads/2023/11/15025409/GettyImages-dv1474023-scaled-e1700031299669.jpg
age
613482
edge-cache-tag
352406887101975536340073729926794299384,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
cache-tag
352406887101975536340073729926794299384,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
44
expiration
expiry-date="Mon, 08 Apr 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.usatoday.com/
fastly-restarts
1
content-length
13270
x-served-by
cache-iad-kcgs7200031-IAD, cache-iad-kcgs7200031-IAD, cache-lax-kwhp1940061-LAX, cache-fra-etou8220157-FRA
last-modified
Fri, 08 Mar 2024 04:04:28 GMT
server
nginx
surrogate-reporting
width=400,height=223,bytes=36919,owidth=1200,oheight=675,obytes=102558,ef=(1,13,17,23,30)
x-timer
S1722339161.847747,VS0,VE1
etag
"c9f42f0b2d98cea6de801f11223b6590"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 21, 0, 0
abtests
am-trc-events.taboola.com/usatodaydemo/log/3/
0
246 B
Ping
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/abtests?route=AM:AM:V&tvi2=18260&tvi50=9058&lti=trecs&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u_usatoday_auto_refresh%22%2C%22type%22%3A%7B%22auto_refresh%22%3Afalse%7D%2C%22eventTime%22%3A1722339160726%7D&tim=13%3A32%3A40.726&id=673&llvl=2&ri=5bd778875ab19bb1625b2edc73b3efb6&sd=v2_1642e3958bb068189059c607fc609325_6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4_1722339156_1722339159_CIi3jgYQkAkY58Onm5AyIAEoATA4OJvjCUCIihBI0bzZA1D___________8BWABgAGiQp9OKwPz81E9wAA&ui=6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4&pi=/&wi=7846795646874050930&pt=home&vi=1722339156455&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240728-4-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://168.firano2.fun
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
451716301014c4507bd6fa4bb7f10d85.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
20 KB
20 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/451716301014c4507bd6fa4bb7f10d85.jpeg
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
341f527229dc3425d3aa9c4e5f06483476a67fc466aa87963b3f2794f5a0008b

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 30 Jul 2024 11:32:40 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/451716301014c4507bd6fa4bb7f10d85.jpeg
age
2317768
edge-cache-tag
443539359167793492470169144513758445948,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag
443539359167793492470169144513758445948,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
429
req-referer
https://zone.msn.com/
content-length
20188
x-request-id
50ea235913e17b9364a7804cb56d8f66
x-served-by
cache-iad-kiad7000175-IAD, cache-iad-kiad7000175-IAD, cache-lga21964-LGA, cache-iad-kcgs7200146-IAD, cache-fra-etou8220157-FRA
x-orig-request-id
f4a66c8ae67a8a6476c03b8046f06e9a
last-modified
Wed, 03 Jul 2024 12:48:41 GMT
server
nginx
surrogate-reporting
width=360,height=180,bytes=37313,owidth=1200,oheight=628,obytes=468988,ef=(1,13,17,23,30)
x-timer
S1722339161.850207,VS0,VE1
etag
"24f1b5b307b9b32dc42beba18345913e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 350, 0
debug
am-trc-events.taboola.com/usatodaydemo/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/2/debug?tim=13%3A32%3A40.732&type=usage&msg=image_utils-event-1722339160732&llvl=2&id=6797&cv=20240728-4-RELEASE&lt=trecs&file=trcrbox-ui-image-utils&method=&position=&extraData=%7B%22eventName%22%3A%22event-cropping_matched%22%2C%22itemId%22%3A%22~~V1~~3074190069428065615~~_4NGgBUZyd68H%22%2C%22isCropping%22%3Atrue%7D
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:40 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
53827
debug
am-trc-events.taboola.com/usatodaydemo/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/2/debug?tim=13%3A32%3A40.733&type=usage&msg=image_utils-event-1722339160733&llvl=2&id=6661&cv=20240728-4-RELEASE&lt=trecs&file=trcrbox-ui-image-utils&method=&position=&extraData=%7B%22eventName%22%3A%22event-cropping_matched%22%2C%22itemId%22%3A%22~~V1~~-4917745642089860984~~ZvQa1D-JHnQ4%22%2C%22isCropping%22%3Atrue%7D
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:40 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
53827
debug
am-trc-events.taboola.com/usatodaydemo/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/2/debug?tim=13%3A32%3A40.733&type=usage&msg=image_utils-event-1722339160733&llvl=2&id=8398&cv=20240728-4-RELEASE&lt=trecs&file=trcrbox-ui-image-utils&method=&position=&extraData=%7B%22eventName%22%3A%22event-cropping_did_not_matched%22%2C%22itemId%22%3A%22~~V1~~-3880780003325076979~~LRHiQprbsLxk%22%2C%22isCropping%22%3Atrue%7D
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:40 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
53827
supply-feature
am-trc-events.taboola.com/usatodaydemo/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/usatodaydemo/log/3/supply-feature?route=AM:AM:V&tvi2=18260&tvi50=9058&lti=trecs&ri=5bd778875ab19bb1625b2edc73b3efb6&sd=v2_1642e3958bb068189059c607fc609325_6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4_1722339156_1722339159_CIi3jgYQkAkY58Onm5AyIAEoATA4OJvjCUCIihBI0bzZA1D___________8BWABgAGiQp9OKwPz81E9wAA&ui=6b465cda-47a1-4865-8bd4-9d1bb279f3bf-tuctda254d4&pi=/&wi=7846795646874050930&pt=home&vi=1722339156455&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22265%22%2C%22event_msg%22%3A%220%22%2C%22event_key%22%3A%22%22%7D&tim=13%3A32%3A40.759&id=8105&llvl=2&cv=20240728-4-RELEASE&
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 30 Jul 2024 11:32:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
syncframe
gum.criteo.com/ Frame 8CF5
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=168.firano2.fun
Requested by
Host: 168.firano2.fun
URL: https://168.firano2.fun/tangstatic/js/pbjsandwichdirecta9-q1a2z3fcaf4e25.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://168.firano2.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 11:32:41 GMT
server
Kestrel
server-processing-duration-in-ticks
397080
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
sodar
pagead2.googlesyndication.com/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407250101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407250101/pubads_impl.js?cb=31085684
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
1e03711ca2b5e2f6de8ab7752c10b2ad99ba1e3ff50e70017ddfdabddba6848d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12875
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407250101/pubads_impl.js?cb=31085684
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Jul 2024 11:32:41 GMT
mbox
vidanalytics.taboola.com/putes/
2 B
132 B
Ping
General
Full URL
https://vidanalytics.taboola.com/putes/mbox
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

x-served-by
cache-fra-etou8220157-FRA
date
Tue, 30 Jul 2024 11:32:41 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1722339161.489282,VS0,VE66
x-cache
MISS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://168.firano2.fun
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2
x-backend-name
5i41NEgLZrTBnTzubPzIMu--F_NLB_VIDEO_UI_00102
bulk
trc.taboola.com/usatodaydemo/log/3/
0
344 B
XHR
General
Full URL
https://trc.taboola.com/usatodaydemo/log/3/bulk?tvi2=18260&tvi50=9058&route=AM%3AAM%3AV&lti=trecs&bulkSize=6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1168/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
date
Tue, 30 Jul 2024 11:32:41 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7330
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220157-FRA
pragma
no-cache
server
nginx
x-timer
S1722339162.528370,VS0,VE10
content-type
image/gif
access-control-allow-origin
https://168.firano2.fun
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 05B5
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://168.firano2.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
180171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jul 2024 09:29:50 GMT
expires
Mon, 28 Jul 2025 09:29:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
711 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Tue, 30 Jul 2024 11:32:41 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
8545
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-etou8220157-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1722339162.821090,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
86
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
9224
favicon.ico
168.firano2.fun/
476 B
979 B
Other
General
Full URL
https://168.firano2.fun/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.132.192.168 Istanbul, Turkey, ASN201575 (WORLDBUS, GE),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
b5ed15c9685df163a6a25e1faad97b2f232717d946e1ac799ab3d74fceb05dbe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:32:41 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security
max-age=63072000
age
2261540
x-cache
HIT, HIT
content-length
451
last-modified
Thu, 04 Jul 2024 07:07:21 GMT
server
nginx/1.26.1
x-timer
S1722339162.939732,VS0,VE1
etag
"66864a29-1c3"
vary
Accept-Encoding
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/x-icon
cache-control
public, max-age=864000, stale-while-revalidate=31536000
accept-ranges
bytes
unip
trc.taboola.com/1168/log/3/
0
361 B
XHR
General
Full URL
https://trc.taboola.com/1168/log/3/unip?en=pre_d_eng_tb&tos=4679&scd=0&ssd=1&est=1722339157240&ver=36&isls=true&src=i&invt=3000&msa=8051&tim=1722339161920&mrir=u&vi=1722339156455&ref=null&cv=20240729-22-RELEASE&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1168/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://168.firano2.fun/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Tue, 30 Jul 2024 11:32:42 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7248
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220157-FRA
pragma
no-cache
server
nginx
x-timer
S1722339162.995446,VS0,VE8
content-type
image/gif
access-control-allow-origin
https://168.firano2.fun
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
unip
trc.taboola.com/1168/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc.taboola.com/1168/log/3/unip?en=pre_d_eng_tb&tos=4679&scd=0&ssd=1&est=1722339157240&ver=36&isls=true&src=i&invt=3000&msa=8051&tim=1722339161920&mrir=u&vi=1722339156455&ref=null&cv=20240729-22-RELEASE&it=JS_PIXEL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://168.firano2.fun
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://168.firano2.fun
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 30 Jul 2024 11:32:41 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-to-nlb-rtt
7580
x-served-by
cache-fra-etou8220049-FRA
x-service-version
v1
x-timer
S1722339162.941299,VS0,VE9
x-vcl-time-ms
9
sodar
pagead2.googlesyndication.com/pagead/
0
0

collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QQ6YP2J211&gtm=45je47t0v872457263za200&_p=1722339157560&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1108207369.1722339156873&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&dp=%2F&dl=https%3A%2F%2F168.firano2.fun%2F&dr=&sid=1722339157&sct=1&seg=1&dt=USA%20TODAY%20-%20Breaking%20News%20and%20Latest%20News%20Today&en=page_view&_ee=1&epn.d022_client_pixel_ratio=1&ep.d039_client_domain=firano2.fun&ep.d040_client_gpc=no&ep.d051_client_time_of_day=1%3A30%20pm&ep.d041_client_time_zone_offset=2&ep.d099_content_cst=homepage&ep.d095_content_ssts_section=home&ep.d096_content_ssts_subsection=null&ep.d098_content_ssts_subtopic=null&ep.d097_content_ssts_topic=null&ep.d134_content_type=homefront&ep.d146_page_is_initial_view=true&ep.d001_event_type=pageview&ep.d189_page_ab_variant=HP4U_B2&ep.d002_page_analytics_implementation=gciAnalytics%3Aprod%3A0.348.0%3AUSAT-TEALIUM-TANGENT&ep.d003_page_analytics_implementation=gciAnalytics%3Aprod%3A0.348.0%3AUSAT-TEALIUM-TANGENT&ep.d142_page_app_version=0.4322.0&ep.d015_page_bot_status=f&ep.d009_page_canonical_url=https%3A%2F%2Fwww.usatoday.com&ep.d005_platform=desktop&ep.d136_application=tangent&ep.d141_page_full_url=https%3A%2F%2F168.firano2.fun%2F&ep.d010_gci_unit=USAT-E&ep.d004_ga_client_id=&ep.d180_page_has_video=yes&ep.d144_page_is_brandlock=no&ep.d013_publication_city=Washington&ep.d014_publication_name=USA%20TODAY&ep.d008_publication_state=VA&ep.d007_publication_region=usatoday&ep.d135_page_referral_page=&ep.d031_website_id=USAT&ep.d034_page_legacy_company=Gannett&ep.d021_publication_tier=A&ep.d057_user_agent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36&ep.d049_user_anonymous_id=f03c29b0-ea76-42d6-9556-a7314bf4f7dd&ep.d083_user_auth_response=network%20failure%20reaching%20GUP%2C%20fb0%2C%20c0&tfd=7709
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QQ6YP2J211
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://168.firano2.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 11:32:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://168.firano2.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
user.usatoday.com
URL
https://user.usatoday.com/USAT-GUP/user/
Domain
eu.usatoday.com
URL
https://eu.usatoday.com/
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407250101&jk=549574755693303&bg=!gYKlgs3NAAZTFZZkcxU7ADQBe5WfOBc-Mkl3eaf1aJWuek5sptLzYqtMdYwhdoPo2LcQvQrw9C01VroKkASHnrdJtOQZAgAAAMxSAAAAAmgBB34ANvKXDMSvFz_VXSAmCEfOrxReDRP_Je2Rl8v17Oo7qsmiQ-pT2lx8XdOhN8XH90eGqkpXxqGkt5kC_ktaw55gS0uVSShstDCDiy3OhfZXvBD9ImjXmgRWE0XCMA9zDLJmMI-fOgD9AgXyU3djU8FLfXilhy7OwHqxbbpPQVgjR9p4I5d-W3L8e5H5gaHnoB3YgbfPHsmJ-XPUIfwKtxO87fGhs3LVof2r4p3SACCAcJgnQqWc-_CRYp8DMqnk_cL74ulpJ-030P7AzHP63esPx3z0Mz2TbK32RxSPOcBJQ7Lp4bNFmz630pODdh4O9mv8EWNNS1wAd0tFqI2qzc0qVEUT1aCwZLYE_ZaJ-8goFCBpicMB1BVX2dgXlLT2Up2w3v6zB9NkaHUzuOoURtCNBMd84aY0kZbHqdQMM0m1SIvVz-2nm_RZM24pgS9zIXj39HOmdGVHWaGw1_tkByHqRF2ARM0WJ_zjeTSjNgWmSigymmbuH3xsLqUmEt19LtDDE7_nkszaVkxH9mUT1poJd_RgurhMvQYnHnHBpDhIda81iG52c4hEvVmg-TE0cuHNlZJCIZAuHYauLeL8NtYKoT3nBlN2XTAx7nM7Iea1v6Gne0E81-DGvwB12MjLAQArUy9F2iGeGAxYwW9G_NYNvKqnjXEsWyEaJp5F-Ydl1q6J5rKzjTJRAsilO7tT6T4K3fB15zIzPLD0-nFSekTdmfXlzNUabSSEQaN8jfrjW7fQOF5-IXjfHw7hAK2_zVA5wydPZsPmQPZGFbqU6jo67OCBjXbK0MIRmPv3sS0bJGazEBbgfsmwhEIOforKxTAeFaFJ6JTZof9KN60l0vpWAJLvGBCyG2YA3YI7GA0OK6XwZOXVTZhUHZOESCpEMlAKl8lhZx3wMBEzNd_Hq4g0PZTHns_xt4HevNomyRCmry9WcQiyNCzBteL0hANOwwYMYWKVHCOcz0sPq6vjxI9NsjBVo9AGU39D2JAdSXjm3IWTXDy2U4Kx4QbEwrcNGy08TuN5LATzApQJzf5AXpBmq_WF2tgG4dqfbxL9os_3g6H59egSVkCR7of4DSwWUyYrl0pxHLqeOiQ


144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| gnt object| g$ object| _taboola object| googletag object| __iasPET object| confiant object| pbjs object| brandmetrics function| __assign object| gciAnalytics string| gciAnalyticsUAID object| ggeac object| google_tag_data object| google_js_reporting_queue object| Criteo object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_149 object| Criteo_prebid_149 object| pbjsChunk object| _pbjsGlobals object| diagPixSentCodes object| __iasAdRefreshConfig object| _aps boolean| apstagLOADED object| apstag object| apscustom object| TRC function| _TPrmse object| taboolaEvents object| _tblConsole number| trc_debug_level object| __visibleCallbackList object| __visibleElementToIdMap object| __visibleIdToElementMap boolean| __tblTrecsInit function| __trcDebug function| __trcError function| __trcInfo function| __trcWarn string| pm_pgtp number| taboola_view_id function| __spreadArray object| _brandmetrics object| google_reactive_ads_global_state boolean| creativeVendorLibraryLoaded object| __iasADX function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam string| trc_item_url string| trc_map_url object| trc object| PARSELY object| liQ number| google_unique_id string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation object| pmglb object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| PublisherCommonId function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| 
_pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| dg function| _typeof object| _tfa object| EVENT_PROPERTIES_TO_URL_PARAMS_MAP number| INVALID_ACCOUNT_ID object| CONFIGS object| VALIDATION_ERRORS object| EVENTS object| TUP_EVENT_HANDLERS_BY_EVENT_NAME object| TRK_EVENT_TO_ERROR_TYPE_MAP string| CALLBACK_PARAMETER_NAME string| LAST_EXTERNAL_REFERRER_URL_PARAM string| nam function| GooglemKTybQhCsO function| google_trackConversion object| LI object| __li__evt_bus object| liQ_instances object| google_tag_manager object| dataLayer object| GooglebQhCsO function| gtag object| gaGlobal function| roq function| md5 object| placementData object| _newsroom object| tbopt object| GoogleGcLKhOms object| google_image_requests

30 Cookies

Domain/Path Name / Value
.liadm.com/j Name: lidid
Value: 0db6060f-9e30-4159-9edc-4bd6c8abacc6
i.liadm.com/s Name: _li_ss
Value: CjQKBQgKEMIYCgUIBhDCGAoFCAwQzBgKBgiiARDCGAoFCAsQwhgKBgiLARDCGAoGCNIBEMIY
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.firano2.fun/ Name: _ga
Value: GA1.1.1108207369.1722339156873
168.firano2.fun/ Name: last_front
Value: homepage
.firano2.fun/ Name: _li_dcdm_c
Value: .firano2.fun
.firano2.fun/ Name: _lc2_fpi
Value: 96506546ef5a--01j41pksey5xd4atj0bh7z3rpy
.firano2.fun/ Name: _lc2_fpi_meta
Value: {%22w%22:1722339157470}
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.168.firano2.fun/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://168.firano2.fun/%22%2C%22sref%22:%22%22%2C%22sts%22:1722339157976%2C%22slts%22:0}
.firano2.fun/ Name: _ga_QQ6YP2J211
Value: GS1.1.1722339157.1.1.1722339158.0.0.0
.168.firano2.fun/ Name: _parsely_visitor
Value: {%22id%22:%22pid=42a917dc-aedd-4012-9caf-8a2c01bd7459%22%2C%22session_count%22:1%2C%22last_session_ts%22:1722339157976}
.liadm.com/ Name: lidid
Value: 0db6060f-9e30-4159-9edc-4bd6c8abacc6
.firano2.fun/ Name: _li_ss
Value: CjQKBQgKEMIYCgUIBhDCGAoFCAwQzBgKBgiiARDCGAoFCAsQwhgKBgiLARDCGAoGCNIBEMIY
.firano2.fun/ Name: _li_ss_meta
Value: {%22w%22:1722339160008%2C%22e%22:1724931160008}
.turn.com/ Name: uid
Value: 7663920622068052062
.mathtag.com/ Name: uuid
Value: a1c366a8-cf58-4b00-8e3f-34d38384f416
.rezync.com/ Name: zync-uuid
Value: 2ff6990a-fa57-4827-be73-0190f8ddec19:1722339160.4310746
.addthis.com/ Name: na_id
Value: 2024073011324055100165783774
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 66a8cf58d0ae8f9a
.addthis.com/ Name: ouid
Value: 66a8cf5800011fdfd9efc61b84a0c12093b71c32fb51b535557c
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4HCAXLCbaEIhVu7ud9C6s0qn9LwoMYzybLooSnustV_UDZq5F1LPcCgjf9rO_9M6AAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjE1BDINzCzNhPgMdYNSI40i_C2985OzAgGc3Vi8JQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13Iuw2AMAwFwAmoMoeRP8HOY5tA4oEoKZmUEony7iqhmQ5wp-xbUG0adMwwYgFnG2Oegl1C1QzivFYTjup3Wb4M4Pn5BWsqFltaAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjE1BDINzCzNhPgMdYNSI40i_C2985OzAgGc3Vi8JQAAAA
.dlx.addthis.com/ Name: na_sc_x
Value: 1
live.rezync.com/ Name: sd-session-id
Value: .eJwNjMsOwiAQAP9lz8Xs8l5-psGyJESLptSLjf8ut5lkMhesbzn23KWfkM7jIwtszzZtQLpgtO8uD0jgCKNzHIx1NBE9e_gtMGSM9uprK7PRtXpmzKpmF5SNOqi7BKOQGGssRTbiREFrY5g83qwhDHZ-_rLXJaM.ZqjPWA.5Soz4vdVnFH-G150nUYsFQGEtEQ
.criteo.com/ Name: uid
Value: 41777c11-756b-4051-a4b3-64409cbf0713
.firano2.fun/ Name: cto_bundle
Value: q1FFkV9sdWxvNEhsanl0UHl6TVA0WndTWjR0c1FyJTJCZTk2b01xSUl5aHdDanhoSUJJT1U1WUxEeUZDQVV3QzRyZlpVNnQ3d3VSbTBFejBhZ1NiVVQ0aGFRWWNvZGlzRHF1TENPdkMzY0lBbEFkcjhKeFpoNEhlN05QOVN2ejFVJTJCYkx4UVdUNGslMkJmUVNXTWJJajklMkJhZ1FRNnJzZyUzRCUzRA

7 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: camera, display-capture, geolocation, microphone, payment, usb, xr-spatial-tracking. Values defined in Permissions-Policy header will be used.
other warning URL: https://168.firano2.fun/tangstatic/js/main-q1a2z32cba5447.min.js(Line 9)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
javascript error URL: https://168.firano2.fun/
Message:
Access to link element resource at 'https://user.usatoday.com/USAT-GUP/user/' from origin 'https://168.firano2.fun' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://user.usatoday.com/USAT-GUP/user/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://168.firano2.fun/pbd/cookie_sync
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://168.firano2.fun/pbd/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://168.firano2.fun/pbd/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
