news.investorturf.com Open in urlscan Pro
153.92.215.169 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://citadelsecurities.co.uk/
Effective URL:
https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbcl...
Submission: On April 25 via manual (April 25th 2023, 10:38:38 am UTC) from GB — Scanned from GB

Summary HTTP 76 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 76 HTTP transactions. The main IP is 153.92.215.169, located in Asheville, United States and belongs to AS-HOSTINGER, CY. The main domain is news.investorturf.com.
TLS certificate: Issued by R3 on April 18th 2023. Valid for: 3 months.

This is the only time news.investorturf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	94.136.40.82 94.136.40.82	20738 (GD-EMEA-D...) (GD-EMEA-DC-LD5)
4 54	153.92.215.169 153.92.215.169	47583 (AS-HOSTINGER) (AS-HOSTINGER)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
76	12

1 94.136.40.82 (Leeds, United Kingdom) 1 redirects

ASN20738 (GD-EMEA-DC-LD5, DE)
PTR: redirects.123-reg.co.uk

citadelsecurities.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 153.92.215.169 (Asheville, United States) 4 redirects

ASN47583 (AS-HOSTINGER, CY)
PTR: cpl79.hosting24.com

news.investorturf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	investorturf.com 4 redirects news.investorturf.com	1 MB
10	gstatic.com www.gstatic.com fonts.gstatic.com	742 KB
8	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2078 www.google.com — Cisco Umbrella Rank: 16	148 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129	166 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	5 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 143	9 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1718	258 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	5 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	68 KB
1	citadelsecurities.co.uk 1 redirects citadelsecurities.co.uk	369 B
76	10

	Domain	Requested by
54	news.investorturf.com	4 redirects news.investorturf.com
6	www.gstatic.com	www.google.com www.gstatic.com
4	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	www.google.com	news.investorturf.com www.gstatic.com www.google.com
4	fundingchoicesmessages.google.com	news.investorturf.com pagead2.googlesyndication.com
2	pagead2.googlesyndication.com	news.investorturf.com pagead2.googlesyndication.com
2	fonts.googleapis.com	news.investorturf.com
1	lh3.googleusercontent.com	news.investorturf.com
1	region1.google-analytics.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.googletagmanager.com	news.investorturf.com
1	citadelsecurities.co.uk	1 redirects
76	12

This site contains links to these domains. Also see Links.

Domain
stocks.investorturf.com
tools.investorturf.com
donorbox.org
api.whatsapp.com
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
news.investorturf.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
Frame ID: F37D693300B49BB22D2E6FEFF59CEDEB
Requests: 67 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/zrt_lookup.html
Frame ID: AC45EF145F577AADAC26C87ADD12BEE8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5SSMeAAAAAGW_Ta8tJauYedwTLrTISep6qj_B&co=aHR0cHM6Ly9uZXdzLmludmVzdG9ydHVyZi5jb206NDQz&hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&size=normal&cb=d1hxi4tye0fm
Frame ID: 55310D0E5332ADB2F39869BD8122B774
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&k=6Lc5SSMeAAAAAGW_Ta8tJauYedwTLrTISep6qj_B
Frame ID: A716159E6AFAC5877E7373B104FA34EC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A list of fines incurred by Citadel Securities and Citadel Advisors for market manipulation - InvestorTurf - Stock and Cryptocurrency news

Page URL History Show full URLs

http://citadelsecurities.co.uk/ HTTP 301
https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-mark... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

76
Requests

95 %
HTTPS

83 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

2276 kB
Transfer

4332 kB
Size

6
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://stocks.investorturf.com/
Title: STOCK MARKET DATA

Search URL Search Domain Scan URL

URL: https://tools.investorturf.com/
Title: WEB TOOLS

Search URL Search Domain Scan URL

URL: https://donorbox.org/investorturf
Title: DONATE

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=A%20list%20of%20fines%20incurred%20by%20Citadel%20Securities%20and%20Citadel%20Advisors%20for%20market%20manipulation%20-%20https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://twitter.com/InvestorTurf

Search URL Search Domain Scan URL

URL: https://www.facebook.com/InvestorTurf

Search URL Search Domain Scan URL

URL: https://www.instagram.com/investorturf/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@investorturf

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://citadelsecurities.co.uk/ HTTP 301
https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://news.investorturf.com/uploads/images/202303/image_650x433_640e7580485c9.jpg HTTP 307
https://news.investorturf.com/

Request Chain 67

https://news.investorturf.com/uploads/images/202303/image_650x433_640e7580485c9.jpg HTTP 307
https://news.investorturf.com/

Request Chain 68

https://news.investorturf.com/uploads/images/202303/image_650x433_640e7580485c9.jpg HTTP 307
https://news.investorturf.com/

Request Chain 77

https://news.investorturf.com/uploads/images/202303/image_650x433_640e7580485c9.jpg HTTP 307
https://news.investorturf.com/

76 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation Show response
news.investorturf.com/
Redirect Chain

http://citadelsecurities.co.uk/
https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU

95 KB
15 KB

812ms
433ms

Document
text/html

153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed / PHP/8.1.16

Resource Hash

c20438eb352652b4e2f9db6c5d34e80d9e39c4b7ab9c907115516baa2ca0efec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate max-age=0
content-encoding: br
content-length: 14522
content-type: text/html; charset=UTF-8
date: Tue, 25 Apr 2023 10:38:32 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: PHP/8.1.16
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private
Content-Length: 0
Content-Type: text/html
Date: Tue, 25 Apr 2023 10:38:37 GMT
Location: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
Server: Microsoft-IIS/10.0

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
971 B 150ms
54ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:ital,wght@1,800&display=swap

Requested by

Host: news.investorturf.com
URL: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e8427ba6bbc7e8bdd5f12ac1f8fb7ff44bdf395af8052df7a9363964df23b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Apr 2023 10:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 10:38:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Apr 2023 10:38:32 GMT

GET
H2 200 icons.min.css
news.investorturf.com/assets/vendor/font-icons/css/ 3 KB
779 B 263ms
261ms Stylesheet
text/css 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://news.investorturf.com/assets/vendor/font-icons/css/icons.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

dd244c4b60b3c99d2f48f41f5fd998e40079519ba632856b619d1e33ee0ba18f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 21 Aug 2020 09:29:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 721
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:32 GMT

GET
H2 200 bootstrap.min.css
news.investorturf.com/assets/vendor/bootstrap/css/ 118 KB
18 KB 262ms
260ms Stylesheet
text/css 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://news.investorturf.com/assets/vendor/bootstrap/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 08 Jun 2017 00:25:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 18031
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:32 GMT

GET
H2 200 slick.min.css
news.investorturf.com/assets/vendor/slick/ 1 KB
464 B 262ms
261ms Stylesheet
text/css 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://news.investorturf.com/assets/vendor/slick/slick.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

3a13842a583e6e6a0fc3032fb9ca288322effc1a96dc1dfbec4698bd67b49c39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 27 Nov 2019 01:51:08 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 405
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:32 GMT

GET
H2 200 magnific-popup.min.css
news.investorturf.com/assets/css/ 5 KB
1 KB 132ms
131ms Stylesheet
text/css 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://news.investorturf.com/assets/css/magnific-popup.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

acd33d77de0e98e9d60b71467c5d527aeea5da9b2c9e9125fe3f657896007b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 25 Dec 2017 05:55:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1412
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:32 GMT

GET
H2 200 style-4.3.min.css
news.investorturf.com/assets/css/ 76 KB
13 KB 133ms
132ms Stylesheet
text/css 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://news.investorturf.com/assets/css/style-4.3.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

b7a3558151bb7dd81e07faa1abc7a22f461f76a5c299541a53a885abe3d3a25a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Sun, 16 Apr 2023 17:00:53 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 12807
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:32 GMT

GET
H2 200 dark-4.3.min.css
news.investorturf.com/assets/css/ 5 KB
1 KB 261ms
260ms Stylesheet
text/css 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://news.investorturf.com/assets/css/dark-4.3.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

34ef2e05badd0057309ee89caff8412fe55e28b775e419f7004ae76fc1c36f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Sun, 09 Apr 2023 10:34:54 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1018
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:32 GMT

GET
H2 200 pub-9781911316989406 Show response
fundingchoicesmessages.google.com/i/ 132 KB
45 KB 678ms
75ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-9781911316989406?ers=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e70d48a0ccd50f9c431aff260e5cab06c189d2b388030ea22769233b394e2c4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a2TxDdMy1Pxo06BbYGwd2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-a2TxDdMy1Pxo06BbYGwd2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 692ms
90ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9781911316989406

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7570494550f012c2d946d017aa8aab73c4052a2c42be3e97e1c537520b7e721e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.investorturf.com/
Origin: https://news.investorturf.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47476
x-xss-protection: 0
server: cafe
etag: 4827265166507521514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 10:38:33 GMT

GET
H3 200 logo_6424908f0a2932-91215835-67867526.png
news.investorturf.com/uploads/logo/ 14 KB
14 KB 414ms
412ms Image
image/png 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/logo/logo_6424908f0a2932-91215835-67867526.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

7306f790276a6850edcc8c8c1d42d4a1dcc2f30115561cc6a77738c4c83ab5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 13908
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 logo_64248f7003c5f9-86668072-75654182.png
news.investorturf.com/uploads/logo/ 15 KB
15 KB 283ms
280ms Image
image/png 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/logo/logo_64248f7003c5f9-86668072-75654182.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

8c27e631a04be444eee3cbb918050931d647cb1121599f7aafa79e17d3c4023a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 14926
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 image_750x_63bd69cadd47e.jpg
news.investorturf.com/uploads/images/202301/ 42 KB
42 KB 298ms
295ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202301/image_750x_63bd69cadd47e.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

500a847d10e6208a3921653c432e08519791db1b4d6713677127544e612c523a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 42604
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 like.png
news.investorturf.com/assets/img/reactions/ 2 KB
2 KB 284ms
281ms Image
image/png 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/assets/img/reactions/like.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

b2dee962bb423bed6ab77fa79d724754050966eb711a1a3fb11c881cfb5111ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2015 09:53:42 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2021
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 dislike.png
news.investorturf.com/assets/img/reactions/ 1 KB
1 KB 285ms
282ms Image
image/png 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/assets/img/reactions/dislike.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

10ca0e166f95cb42a2c64b1381fb91173493ef1fa3e093871c5b471e6a35e00e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2015 09:53:26 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1427
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 love.png
news.investorturf.com/assets/img/reactions/ 2 KB
2 KB 286ms
283ms Image
image/png 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/assets/img/reactions/love.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

222986f9e4f82be7f1cdc143f4bbf60e85e7691163b27d47ce5032034d881fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2015 09:53:46 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1973
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 funny.png
news.investorturf.com/assets/img/reactions/ 2 KB
2 KB 287ms
284ms Image
image/png 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/assets/img/reactions/funny.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

4ee7767d011b058142ed9ea6c97ffceaec3a4cea6db62066df85e2df3a05691b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2015 09:53:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2200
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 angry.png
news.investorturf.com/assets/img/reactions/ 2 KB
2 KB 288ms
285ms Image
image/png 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/assets/img/reactions/angry.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

786e71ec97b332177b9300e58bb1b03ea771e8864b558dac7e75705c3b1ba648

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2015 09:53:22 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2025
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 sad.png
news.investorturf.com/assets/img/reactions/ 2 KB
2 KB 288ms
285ms Image
image/png 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/assets/img/reactions/sad.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

385752e881e8de4c1351d41fc25e1983d719e0a85b99800627388fbd967b1b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2015 09:53:28 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2040
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 wow.png
news.investorturf.com/assets/img/reactions/ 5 KB
5 KB 291ms
288ms Image
image/png 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/assets/img/reactions/wow.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

07168d43f5aaddd72239483faf8d3f6339c4c1ee2021cff59d5ce06c34468b56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sat, 16 Nov 2019 01:15:16 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5027
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
876 B 658ms
52ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4236c835c391e29584f2a19e65f494d7523c7c821752bbf26ba546deeb421745

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
x-xss-protection: 1; mode=block
expires: Tue, 25 Apr 2023 10:38:33 GMT

GET
H3 200 user.png
news.investorturf.com/assets/img/ 4 KB
4 KB 293ms
290ms Image
image/png 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/assets/img/user.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

aa396a29f7283a162171ba70ebf6256a3115e52c1d7d31708ea631a8ec793463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 11 Nov 2018 00:24:38 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4417
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 avatar_1_6429e3b299a68.jpg
news.investorturf.com/uploads/profile/ 11 KB
11 KB 295ms
292ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/profile/avatar_1_6429e3b299a68.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

7dc860852632ce91c46da2435ca4ebaa540c2e6faacb637395ebdf544c5036bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 11629
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 bg_slider.png
news.investorturf.com/assets/img/ 142 B
187 B 296ms
293ms Image
image/png 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/assets/img/bg_slider.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

304a1699a049b544c6309875b3d7f8e24a3a1f800549ada4a06b52de91d7f61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sat, 02 Nov 2019 14:05:02 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 142
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 bg_small.png
news.investorturf.com/assets/img/ 102 B
147 B 297ms
294ms Image
image/png 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/assets/img/bg_small.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

1849588ebd7c473c46eb277f5a627f02e49712f562f0750f3dcfe78d1707651c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sat, 02 Nov 2019 14:11:22 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 102
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 bg_mid.png
news.investorturf.com/assets/img/ 145 B
191 B 297ms
294ms Image
image/png 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/assets/img/bg_mid.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

fa3fb07092321e66f3c394184b6b5cde0328ba3dd3fc96e680963b3ec19fcf56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sat, 02 Nov 2019 14:06:28 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 145
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
news.investorturf.com/assets/js/ 95 KB
32 KB 134ms
134ms Script
application/javascript 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://news.investorturf.com/assets/js/jquery-1.12.4.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 08 Jun 2017 00:26:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 32661
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 slick.min.js Show response
news.investorturf.com/assets/vendor/slick/ 42 KB
10 KB 134ms
132ms Script
application/javascript 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://news.investorturf.com/assets/vendor/slick/slick.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 31 Oct 2019 00:10:54 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 9994
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 bootstrap.min.js Show response
news.investorturf.com/assets/vendor/bootstrap/js/ 36 KB
9 KB 138ms
135ms Script
application/javascript 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://news.investorturf.com/assets/vendor/bootstrap/js/bootstrap.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 08 Jun 2017 00:25:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 9439
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 plugins.js Show response
news.investorturf.com/assets/js/ 106 KB
33 KB 146ms
143ms Script
application/javascript 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://news.investorturf.com/assets/js/plugins.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

c16d5f3c8bee6f9f3a0b065787f5996567c7247f65bbe5105e4e6282c342d6cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 20 Mar 2019 16:12:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 33639
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 script-4.3.min.js Show response
news.investorturf.com/assets/js/ 11 KB
3 KB 283ms
280ms Script
application/javascript 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://news.investorturf.com/assets/js/script-4.3.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

289dd4c27f35c48185a3f5f8ec79b7a7dd730b845267538c77aa099bf3279b29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 11 Apr 2023 14:08:50 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2526
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 182 KB
68 KB 656ms
55ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WVBEMDCR4B

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9240328c9e75bc208b1525903aa6264d75c6d7ce231c1558c7f4bc10cfce3b07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68799
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 25 Apr 2023 10:38:33 GMT

GET
H3 200 icons.woff2
news.investorturf.com/assets/vendor/font-icons/font/ 10 KB
10 KB 235ms
234ms Font
font/woff2 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://news.investorturf.com/assets/vendor/font-icons/font/icons.woff2?49927068

Requested by

Host: news.investorturf.com
URL: https://news.investorturf.com/assets/vendor/font-icons/css/icons.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

8698e9e67eb4934a4d7f27da21abcef5ca385d592985538cc8d450b60e368a98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.investorturf.com/assets/vendor/font-icons/css/icons.min.css
Origin: https://news.investorturf.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 04 Aug 2020 22:40:22 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 10120
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ 407 KB
164 KB 133ms
42ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f60d86b7a0533b50a13c93041a550e1672791299373f986d649e4e44e8dfcba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.investorturf.com/
Origin: https://news.investorturf.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 07:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167070
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 07:45:18 GMT

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 304a1699a049b544c6309875b3d7f8e24a3a1f800549ada4a06b52de91d7f61d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 image_100x75_6308cf113afd1.jpg
news.investorturf.com/uploads/images/202208/ 3 KB
3 KB 134ms
133ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202208/image_100x75_6308cf113afd1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

e5d0f2e74d25ef5b5d5ab4b800d7cc3463b065a6989f105e7dac15487c97488f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3536
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 image_100x75_640a86739cd00.jpg
news.investorturf.com/uploads/images/202303/ 5 KB
5 KB 135ms
133ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202303/image_100x75_640a86739cd00.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

e12b20cd40df3a9099e2265f23e9673358ad391e4b53d7194a2353eb8e93c70e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4729
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 image_100x75_6216c61f18d8d.jpg
news.investorturf.com/uploads/images/202202/ 4 KB
4 KB 165ms
164ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202202/image_100x75_6216c61f18d8d.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

1d827d959c737cf3de3e8d97e2db55f11d31f4e24ccff1d90792413976eaa275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3744
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 image_100x75_642e5f8860631.jpg
news.investorturf.com/uploads/images/202304/ 4 KB
4 KB 162ms
161ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202304/image_100x75_642e5f8860631.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

c8e2dd3bdf352df6297e12802c4bf6bf1ee948c24da08bbd15e4cd2b34a4ab88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3826
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 image_100x75_641f6a84c0aab.jpg
news.investorturf.com/uploads/images/202303/ 3 KB
3 KB 135ms
134ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202303/image_100x75_641f6a84c0aab.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

c3ac577837d7516ec67e611c90ae1751cb0619a0ed9d839743ddb4a6fb7d51b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3519
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 image_750x415_6444030eac84b.jpg
news.investorturf.com/uploads/images/202304/ 51 KB
51 KB 135ms
134ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202304/image_750x415_6444030eac84b.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

fec1db4a190b43f06b90b81da7cb13c7d1b37a2f64e42e01f596fa4e0b0b2aa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sat, 22 Apr 2023 15:53:51 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 51969
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 image_650x433_630d0c0584aac.jpg
news.investorturf.com/uploads/images/202208/ 37 KB
37 KB 143ms
142ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202208/image_650x433_630d0c0584aac.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

9862322bf3b09fec7ad1a25b14f3a0b82948b360c2100d9c6b6eaa5ad7bfd39e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 37940
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H2 200 AGSKWxVeel2Aca2rbcpM1yCgAWpAZfM-u0pCRjbZmxkhqzAchAdG4inb3E_1vPU-_gwbXQLAqvIdzlamYUJPjH_hF0k= Show response
fundingchoicesmessages.google.com/f/ 113 KB
30 KB 116ms
115ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVeel2Aca2rbcpM1yCgAWpAZfM-u0pCRjbZmxkhqzAchAdG4inb3E_1vPU-_gwbXQLAqvIdzlamYUJPjH_hF0k=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjgyNDE5MTEzLDgyNDAwMDAwMF0sIkQ4MzY2MjAyLTJFQUEtNEUyNy1CQ0MwLTc3RUQ3ODZEMzE5RiIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vbmV3cy5pbnZlc3RvcnR1cmYuY29tL2EtbGlzdC1vZi1maW5lcy1pbmN1cnJlZC1ieS1jaXRhZGVsLXNlY3VyaXRpZXMtYW5kLWNpdGFkZWwtYWR2aXNvcnMtZm9yLW1hcmtldC1tYW5pcHVsYXRpb24iLG51bGwsW1s4LCJTZHJ3b0NsLV9TOCJdLFs5LCJlbi1HQiJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.SdrwoCl-_S8.es5.O/d=1/rs=AJlcJMyiXFGBfRPP6P8iKLxBYg-GxIr04A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef2601a40b95613f083d28f45539843764eb07f0de10762fcad1074fdf1ed5df

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Qy4k6U8y77GhGnIKB3y1-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-Qy4k6U8y77GhGnIKB3y1-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/ 354 KB
119 KB 195ms
110ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9781911316989406&plah=news.investorturf.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9781911316989406

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a4891e07778ec3df1a341091a3863849f620fa344b36b976cdc51c06e9f66b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121872
x-xss-protection: 0
server: cafe
etag: 6462188058819620321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 10:38:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/ Frame AC45 10 KB
5 KB 134ms
41ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9781911316989406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.investorturf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 58602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 18:21:52 GMT
etag: 2378337311435320485
expires: Mon, 08 May 2023 18:21:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 109ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WVBEMDCR4B&gtm=45je34j0&_p=2057842669&cid=493209866.1682419114&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682419113&sct=1&seg=0&dl=https%3A%2F%2Fnews.investorturf.com%2Fa-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation%3Ffbclid%3DIwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU&dt=A%20list%20of%20fines%20incurred%20by%20Citadel%20Securities%20and%20Citadel%20Advisors%20for%20market%20manipulation%20-%20InvestorTurf%20-%20Stock%20and%20Cryptocurrency%20news&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WVBEMDCR4B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 10:38:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news.investorturf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 image_650x433_641f6a84c9cab.jpg
news.investorturf.com/uploads/images/202303/ 61 KB
61 KB 131ms
130ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202303/image_650x433_641f6a84c9cab.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

01f379506db2aa674f90ae7f9b7680dfd8156dc0799279c148c8d5dff584b943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 62850
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H3 200 image_750x415_643c26dacdce0.jpg
news.investorturf.com/uploads/images/202304/ 48 KB
48 KB 153ms
153ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202304/image_750x415_643c26dacdce0.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

fe481f7dad949e24a430a6ef478e5459b33a1f8bffa85d98ee2a41cdc8ac9097

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 16 Apr 2023 16:48:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 49053
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:33 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 5531 50 KB
28 KB 65ms
64ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5SSMeAAAAAGW_Ta8tJauYedwTLrTISep6qj_B&co=aHR0cHM6Ly9uZXdzLmludmVzdG9ydHVyZi5jb206NDQz&hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&size=normal&cb=d1hxi4tye0fm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4db4d9a4b673b7499677a668112609a843c9b1b5e78f46c96e476f4cf2ab8723

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MuupCXI3ttFzIZQ4nOgVkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.investorturf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28040
content-security-policy: script-src 'report-sample' 'nonce-MuupCXI3ttFzIZQ4nOgVkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 10:38:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 65 KB
4 KB 60ms
60ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.SdrwoCl-_S8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyiXFGBfRPP6P8iKLxBYg-GxIr04A/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b18a857259a705a842cc2a41cfffbea62400997ef90653de4f075b2ec6b9fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Apr 2023 10:38:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 10:38:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Apr 2023 10:38:34 GMT

GET
H2 200 8B3rNHqr2DZ-N_E5QFdc-9uutDpD25RHvOngiVtlRembhhMsvy-aHA73bVd9SFUFucbxbo6sqJvg9e8C6qiUBIHNzvsIS4_7pfKHINlQG6o_DbJ4Mr0v=h60
lh3.googleusercontent.com/ 8 KB
9 KB 133ms
43ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/8B3rNHqr2DZ-N_E5QFdc-9uutDpD25RHvOngiVtlRembhhMsvy-aHA73bVd9SFUFucbxbo6sqJvg9e8C6qiUBIHNzvsIS4_7pfKHINlQG6o_DbJ4Mr0v=h60

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ffc184e43ede01a104d28e8f03645725113014e42f7d909d6668dbdf89328865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 09:09:51 GMT
x-content-type-options: nosniff
age: 5323
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8659
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Apr 2023 09:09:51 GMT

POST
H3 204 AGSKWxUyCpg8CQzGNJanT-yPf79QPfu80t5hVsCgddB5p-CH5DWHslZTBWdo9BplJli9W8esoGQpYVi23ojVvXHwdpliIhUcxUONczCooTcTsnDlbEiV2D6g1k_fO63D4adTiQcRqiDm_Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 146ms
57ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUyCpg8CQzGNJanT-yPf79QPfu80t5hVsCgddB5p-CH5DWHslZTBWdo9BplJli9W8esoGQpYVi23ojVvXHwdpliIhUcxUONczCooTcTsnDlbEiV2D6g1k_fO63D4adTiQcRqiDm_Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QTe8VoNEFiaWSnTDIeAEtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.investorturf.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Apr 2023 10:38:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QTe8VoNEFiaWSnTDIeAEtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://news.investorturf.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame 5531 55 KB
24 KB 126ms
41ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5SSMeAAAAAGW_Ta8tJauYedwTLrTISep6qj_B&co=aHR0cHM6Ly9uZXdzLmludmVzdG9ydHVyZi5jb206NDQz&hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&size=normal&cb=d1hxi4tye0fm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 21:17:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Apr 2024 21:17:20 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame 5531 407 KB
163 KB 146ms
61ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f60d86b7a0533b50a13c93041a550e1672791299373f986d649e4e44e8dfcba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 07:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167070
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 07:45:18 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 137ms
43ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.investorturf.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:43:28 GMT
x-content-type-options: nosniff
age: 233706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 17:43:28 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 173ms
90ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.investorturf.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:01:02 GMT
x-content-type-options: nosniff
age: 236252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 17:01:02 GMT

GET
H2 200 7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2
fonts.gstatic.com/s/muli/v28/ 17 KB
17 KB 254ms
174ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15559265c43e023322fbb97f910244594c12c7c9b60afcfe7bd3529155f560ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.investorturf.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:29 GMT
x-content-type-options: nosniff
age: 376385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16932
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:29 GMT

GET
H3

200

/
news.investorturf.com/
Redirect Chain

https://news.investorturf.com/uploads/images/202303/image_650x433_640e7580485c9.jpg
https://news.investorturf.com/

14 KB
14 KB

350ms
349ms

Image
text/html

153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/

Requested by

Protocol

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed / PHP/8.1.16

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 10:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: LiteSpeed
x-powered-by: PHP/8.1.16
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Apr 2023 10:38:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: LiteSpeed
x-powered-by: PHP/8.1.16
content-type: text/html; charset=UTF-8
location: https://news.investorturf.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 ca-pub-9781911316989406 Show response
fundingchoicesmessages.google.com/i/ 132 KB
44 KB 78ms
78ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9781911316989406?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9781911316989406&plah=news.investorturf.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9ff285af8c018e6ccc3d578bdb0ae7cfa74b5bf4712bdc93cf3cb4cc0a76836

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-5QfklDgXjuXkii_UzHZOZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-5QfklDgXjuXkii_UzHZOZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5531 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5531 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5531 2 KB
2 KB 42ms
41ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 09:25:07 GMT
x-content-type-options: nosniff
age: 4407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 02 May 2023 09:25:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5531 15 KB
15 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 09:25:43 GMT
x-content-type-options: nosniff
age: 4371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Apr 2024 09:25:43 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 5531 102 B
134 B 53ms
53ms Other
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

95e9deeefa7eb53c1ef328c9a9793310a04632a3e66b971808d13a16c4f08944

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5SSMeAAAAAGW_Ta8tJauYedwTLrTISep6qj_B&co=aHR0cHM6Ly9uZXdzLmludmVzdG9ydHVyZi5jb206NDQz&hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&size=normal&cb=d1hxi4tye0fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 25 Apr 2023 10:38:34 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame A716 7 KB
1 KB 67ms
66ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&k=6Lc5SSMeAAAAAGW_Ta8tJauYedwTLrTISep6qj_B

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2c73624471ef62c8e2e88b3da592f9a612d8cc7bb8bbdd907e9d8ec04449c2b2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yw3nqJU-vk18rwIUjRCd-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.investorturf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1145
content-security-policy: script-src 'report-sample' 'nonce-yw3nqJU-vk18rwIUjRCd-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 10:38:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame A716 55 KB
24 KB 42ms
41ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&k=6Lc5SSMeAAAAAGW_Ta8tJauYedwTLrTISep6qj_B

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 21:17:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Apr 2024 21:17:20 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame A716 407 KB
163 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&k=6Lc5SSMeAAAAAGW_Ta8tJauYedwTLrTISep6qj_B

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f60d86b7a0533b50a13c93041a550e1672791299373f986d649e4e44e8dfcba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 07:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167070
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 07:45:18 GMT

GET
H3 200 image_750x415_64382a97c2db4.jpg
news.investorturf.com/uploads/images/202304/ 57 KB
57 KB 132ms
132ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202304/image_750x415_64382a97c2db4.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

8fb8014f95502fa883fd5ac726f891f6af5f395d85c5cb97a54a415f37b62234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 13 Apr 2023 16:15:19 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 58716
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:34 GMT

GET
H3

200

/
news.investorturf.com/
Redirect Chain

https://news.investorturf.com/uploads/images/202303/image_650x433_640e7580485c9.jpg
https://news.investorturf.com/

64 KB
64 KB

337ms
337ms

Image
text/html

153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/

Protocol

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed / PHP/8.1.16

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 10:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: LiteSpeed
x-powered-by: PHP/8.1.16
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Apr 2023 10:38:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: LiteSpeed
x-powered-by: PHP/8.1.16
content-type: text/html; charset=UTF-8
location: https://news.investorturf.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3

200

/
news.investorturf.com/
Redirect Chain

https://news.investorturf.com/uploads/images/202303/image_650x433_640e7580485c9.jpg
https://news.investorturf.com/

64 KB
64 KB

306ms
305ms

Image
text/html

153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/

Protocol

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed / PHP/8.1.16

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 10:38:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: LiteSpeed
x-powered-by: PHP/8.1.16
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Apr 2023 10:38:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: LiteSpeed
x-powered-by: PHP/8.1.16
content-type: text/html; charset=UTF-8
location: https://news.investorturf.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 image_650x433_63a4a48b37517.jpg
news.investorturf.com/uploads/images/202212/ 47 KB
47 KB 130ms
130ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202212/image_650x433_63a4a48b37517.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

fc8f231143b300b37668f6f132d26e11c689a5f5ae3e5ea5c716e384c4534cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 48315
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:37 GMT

GET
H3 200 image_650x433_63a4a48b37517.jpg
news.investorturf.com/uploads/images/202212/ 47 KB
47 KB 130ms
130ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202212/image_650x433_63a4a48b37517.jpg

Requested by

Host: news.investorturf.com
URL: https://news.investorturf.com/assets/js/jquery-1.12.4.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

fc8f231143b300b37668f6f132d26e11c689a5f5ae3e5ea5c716e384c4534cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 48315
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:37 GMT

GET
H3 200 image_650x433_6216c61f1e736.jpg
news.investorturf.com/uploads/images/202202/ 57 KB
57 KB 147ms
147ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202202/image_650x433_6216c61f1e736.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

a3abf8c07ff488cd2539fa623a41c45bb80b901772018e1f408c6c1edfd7bfec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 57883
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:37 GMT

GET
H3 200 image_650x433_6216c61f1e736.jpg
news.investorturf.com/uploads/images/202202/ 57 KB
57 KB 134ms
133ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202202/image_650x433_6216c61f1e736.jpg

Requested by

Host: news.investorturf.com
URL: https://news.investorturf.com/assets/js/jquery-1.12.4.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

a3abf8c07ff488cd2539fa623a41c45bb80b901772018e1f408c6c1edfd7bfec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 57883
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:37 GMT

GET
H3 200 image_650x433_630d0c0584aac.jpg
news.investorturf.com/uploads/images/202208/ 37 KB
37 KB 152ms
151ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202208/image_650x433_630d0c0584aac.jpg

Requested by

Host: news.investorturf.com
URL: https://news.investorturf.com/assets/vendor/slick/slick.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

9862322bf3b09fec7ad1a25b14f3a0b82948b360c2100d9c6b6eaa5ad7bfd39e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 37940
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:37 GMT

GET
H3 200 image_650x433_630d0c0584aac.jpg
news.investorturf.com/uploads/images/202208/ 37 KB
37 KB 130ms
129ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202208/image_650x433_630d0c0584aac.jpg

Requested by

Host: news.investorturf.com
URL: https://news.investorturf.com/assets/js/jquery-1.12.4.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

9862322bf3b09fec7ad1a25b14f3a0b82948b360c2100d9c6b6eaa5ad7bfd39e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 37940
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:37 GMT

GET
H3 200 image_650x433_641f6a84c9cab.jpg
news.investorturf.com/uploads/images/202303/ 61 KB
61 KB 149ms
148ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202303/image_650x433_641f6a84c9cab.jpg

Requested by

Host: news.investorturf.com
URL: https://news.investorturf.com/assets/vendor/slick/slick.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

01f379506db2aa674f90ae7f9b7680dfd8156dc0799279c148c8d5dff584b943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 62850
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:37 GMT

GET
H3 200 image_650x433_641f6a84c9cab.jpg
news.investorturf.com/uploads/images/202303/ 61 KB
61 KB 134ms
134ms Image
image/jpeg 153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/uploads/images/202303/image_650x433_641f6a84c9cab.jpg

Requested by

Host: news.investorturf.com
URL: https://news.investorturf.com/assets/js/jquery-1.12.4.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed /

Resource Hash

01f379506db2aa674f90ae7f9b7680dfd8156dc0799279c148c8d5dff584b943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:38:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 15:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 62850
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 10:38:37 GMT

GET
H3

200

/
news.investorturf.com/
Redirect Chain

https://news.investorturf.com/uploads/images/202303/image_650x433_640e7580485c9.jpg
https://news.investorturf.com/

64 KB
64 KB

349ms
349ms

Image
text/html

153.92.215.169
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.investorturf.com/

Protocol

Server

153.92.215.169 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl79.hosting24.com

Software

LiteSpeed / PHP/8.1.16

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news.investorturf.com/a-list-of-fines-incurred-by-citadel-securities-and-citadel-advisors-for-market-manipulation?fbclid=IwAR3TgsqvQMEAVClMaabyPFz7zGp0jDSGjHtQRLD4-IN9cGk1CSkmJHE-miU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 10:38:38 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: LiteSpeed
x-powered-by: PHP/8.1.16
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Apr 2023 10:38:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: LiteSpeed
x-powered-by: PHP/8.1.16
content-type: text/html; charset=UTF-8
location: https://news.investorturf.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
news.investorturf.com/	1970-01-20 11:27:31	Name: ci_session Value: spmfr2lrenob671k5j6np26uq0p2sfiu
news.investorturf.com/	1970-01-20 12:03:31	Name: inf_newsletter_mdl Value: 1
news.investorturf.com/	1970-01-20 12:03:31	Name: inf_post_71 Value: 1
news.investorturf.com/	1970-01-20 11:20:26	Name: inf_app_csrf_cookie Value: 68f61ea0a2dd4a258efe3adec3aacc6a
.investorturf.com/	1970-01-20 20:56:19	Name: _ga_WVBEMDCR4B Value: GS1.1.1682419113.1.0.1682419113.0.0.0
.investorturf.com/	1970-01-20 20:56:19	Name: _ga Value: GA1.1.493209866.1682419114

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

citadelsecurities.co.uk
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
lh3.googleusercontent.com
news.investorturf.com
pagead2.googlesyndication.com
region1.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
153.92.215.169
2001:4860:4802:34::36
2a00:1450:4001:806::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:829::2008
2a00:1450:4001:82f::2003
94.136.40.82
01f379506db2aa674f90ae7f9b7680dfd8156dc0799279c148c8d5dff584b943
07168d43f5aaddd72239483faf8d3f6339c4c1ee2021cff59d5ce06c34468b56
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
10ca0e166f95cb42a2c64b1381fb91173493ef1fa3e093871c5b471e6a35e00e
15559265c43e023322fbb97f910244594c12c7c9b60afcfe7bd3529155f560ae
1849588ebd7c473c46eb277f5a627f02e49712f562f0750f3dcfe78d1707651c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d827d959c737cf3de3e8d97e2db55f11d31f4e24ccff1d90792413976eaa275
1f60d86b7a0533b50a13c93041a550e1672791299373f986d649e4e44e8dfcba
222986f9e4f82be7f1cdc143f4bbf60e85e7691163b27d47ce5032034d881fab
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
289dd4c27f35c48185a3f5f8ec79b7a7dd730b845267538c77aa099bf3279b29
2c73624471ef62c8e2e88b3da592f9a612d8cc7bb8bbdd907e9d8ec04449c2b2
304a1699a049b544c6309875b3d7f8e24a3a1f800549ada4a06b52de91d7f61d
34ef2e05badd0057309ee89caff8412fe55e28b775e419f7004ae76fc1c36f31
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
385752e881e8de4c1351d41fc25e1983d719e0a85b99800627388fbd967b1b1f
3a13842a583e6e6a0fc3032fb9ca288322effc1a96dc1dfbec4698bd67b49c39
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4236c835c391e29584f2a19e65f494d7523c7c821752bbf26ba546deeb421745
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4db4d9a4b673b7499677a668112609a843c9b1b5e78f46c96e476f4cf2ab8723
4ee7767d011b058142ed9ea6c97ffceaec3a4cea6db62066df85e2df3a05691b
500a847d10e6208a3921653c432e08519791db1b4d6713677127544e612c523a
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
7306f790276a6850edcc8c8c1d42d4a1dcc2f30115561cc6a77738c4c83ab5db
7570494550f012c2d946d017aa8aab73c4052a2c42be3e97e1c537520b7e721e
786e71ec97b332177b9300e58bb1b03ea771e8864b558dac7e75705c3b1ba648
7dc860852632ce91c46da2435ca4ebaa540c2e6faacb637395ebdf544c5036bb
7e70d48a0ccd50f9c431aff260e5cab06c189d2b388030ea22769233b394e2c4
7e8427ba6bbc7e8bdd5f12ac1f8fb7ff44bdf395af8052df7a9363964df23b65
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8698e9e67eb4934a4d7f27da21abcef5ca385d592985538cc8d450b60e368a98
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8b18a857259a705a842cc2a41cfffbea62400997ef90653de4f075b2ec6b9fc4
8c27e631a04be444eee3cbb918050931d647cb1121599f7aafa79e17d3c4023a
8fb8014f95502fa883fd5ac726f891f6af5f395d85c5cb97a54a415f37b62234
9240328c9e75bc208b1525903aa6264d75c6d7ce231c1558c7f4bc10cfce3b07
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95e9deeefa7eb53c1ef328c9a9793310a04632a3e66b971808d13a16c4f08944
9862322bf3b09fec7ad1a25b14f3a0b82948b360c2100d9c6b6eaa5ad7bfd39e
9a4891e07778ec3df1a341091a3863849f620fa344b36b976cdc51c06e9f66b0
a3abf8c07ff488cd2539fa623a41c45bb80b901772018e1f408c6c1edfd7bfec
a9ff285af8c018e6ccc3d578bdb0ae7cfa74b5bf4712bdc93cf3cb4cc0a76836
aa396a29f7283a162171ba70ebf6256a3115e52c1d7d31708ea631a8ec793463
acd33d77de0e98e9d60b71467c5d527aeea5da9b2c9e9125fe3f657896007b6c
b2dee962bb423bed6ab77fa79d724754050966eb711a1a3fb11c881cfb5111ed
b7a3558151bb7dd81e07faa1abc7a22f461f76a5c299541a53a885abe3d3a25a
c16d5f3c8bee6f9f3a0b065787f5996567c7247f65bbe5105e4e6282c342d6cc
c20438eb352652b4e2f9db6c5d34e80d9e39c4b7ab9c907115516baa2ca0efec
c3ac577837d7516ec67e611c90ae1751cb0619a0ed9d839743ddb4a6fb7d51b1
c8e2dd3bdf352df6297e12802c4bf6bf1ee948c24da08bbd15e4cd2b34a4ab88
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
dd244c4b60b3c99d2f48f41f5fd998e40079519ba632856b619d1e33ee0ba18f
e12b20cd40df3a9099e2265f23e9673358ad391e4b53d7194a2353eb8e93c70e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d0f2e74d25ef5b5d5ab4b800d7cc3463b065a6989f105e7dac15487c97488f
ef2601a40b95613f083d28f45539843764eb07f0de10762fcad1074fdf1ed5df
fa3fb07092321e66f3c394184b6b5cde0328ba3dd3fc96e680963b3ec19fcf56
fc8f231143b300b37668f6f132d26e11c689a5f5ae3e5ea5c716e384c4534cd2
fe481f7dad949e24a430a6ef478e5459b33a1f8bffa85d98ee2a41cdc8ac9097
fec1db4a190b43f06b90b81da7cb13c7d1b37a2f64e42e01f596fa4e0b0b2aa3
ffc184e43ede01a104d28e8f03645725113014e42f7d909d6668dbdf89328865

news.investorturf.com Open in urlscan Pro 153.92.215.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

95 %HTTPS

83 %IPv6

10 Domains

12 Subdomains

12 IPs

3 Countries

2276 kBTransfer

4332 kBSize

6 Cookies

8 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

news.investorturf.com Open in urlscan Pro
153.92.215.169 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

95 %
HTTPS

83 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

2276 kB
Transfer

4332 kB
Size

6
Cookies

76 HTTP transactions
3 data transactions