theguardianklmn.com Open in urlscan Pro
172.67.175.48 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://theguardianklmn.com/
Submission: On June 15 via api (June 15th 2024, 7:28:24 am UTC) from BE — Scanned from DE

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 11 domains to perform 40 HTTP transactions. The main IP is 172.67.175.48, located in United States and belongs to CLOUDFLARENET, US. The main domain is theguardianklmn.com.
TLS certificate: Issued by WE1 on June 12th 2024. Valid for: 3 months.

This is the only time theguardianklmn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	172.67.175.48 172.67.175.48	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	34.120.220.213 34.120.220.213	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
9	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	119.8.184.92 119.8.184.92	136907 (HWCLOUDS-...) (HWCLOUDS-AS-AP HUAWEI CLOUDS)
1	172.217.16.202 172.217.16.202	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:117	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2604:4f00:10:... 2604:4f00:10:31a5:0:12:709:1	47002 (TIGERTECH) (TIGERTECH)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:4780:b:1... 2a02:4780:b:1328:0:1451:6fee:10	47583 (AS-HOSTINGER) (AS-HOSTINGER)
40	15

1 172.67.175.48 (United States)

ASN13335 (CLOUDFLARENET, US)

theguardianklmn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.120.220.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.220.120.34.bc.googleusercontent.com

static.cdns.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 119.8.184.92 (Singapore, Singapore)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-119-8-184-92.compute.hwclouds-dns.com

gbw.cmpc.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f10.1e100.net

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:117 (United States)

ASN13335 (CLOUDFLARENET, US)

larryferlazzo.edublogs.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2604:4f00:10:31a5:0:12:709:1 (Berkeley, United States)

ASN47002 (TIGERTECH, US)

www.eduwonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

jodidurgin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:4780:b:1328:0:1451:6fee:10 (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)

bukashub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 136 tpc.googlesyndication.com — Cisco Umbrella Rank: 172	214 KB
9	cdns.space static.cdns.space — Cisco Umbrella Rank: 741754	103 KB
4	edublogs.org larryferlazzo.edublogs.org	160 KB
4	googleapis.com firebase.googleapis.com — Cisco Umbrella Rank: 3907 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 630	893 B
2	bukashub.com bukashub.com	419 KB
2	jodidurgin.com jodidurgin.com	132 KB
2	eduwonk.com www.eduwonk.com	216 KB
2	cmpc.fun gbw.cmpc.fun — Cisco Umbrella Rank: 258257	13 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2347	257 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	88 KB
1	theguardianklmn.com theguardianklmn.com	2 KB
40	11

	Domain	Requested by
9	pagead2.googlesyndication.com	static.cdns.space pagead2.googlesyndication.com
9	static.cdns.space	theguardianklmn.com static.cdns.space
4	larryferlazzo.edublogs.org
2	bukashub.com
2	jodidurgin.com
2	www.eduwonk.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	firebaseinstallations.googleapis.com	static.cdns.space
2	gbw.cmpc.fun	static.cdns.space
2	firebase.googleapis.com	static.cdns.space
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	static.cdns.space
1	theguardianklmn.com
40	13

This site contains no links.

Subject Issuer	Validity	Valid
theguardianklmn.com WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
*.cdns.space RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2024-05-17` - `2025-05-17`	a year	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.cmpc.fun RapidSSL TLS RSA CA G1	`2023-11-07` - `2024-11-07`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.edublogs.org Sectigo RSA Domain Validation Secure Server CA	`2023-12-07` - `2024-12-07`	a year	crt.sh
customers.tigertech.net R3	`2024-05-17` - `2024-08-15`	3 months	crt.sh
jodidurgin.com E1	`2024-05-13` - `2024-08-11`	3 months	crt.sh
bukashub.com R3	`2024-05-25` - `2024-08-23`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://theguardianklmn.com/
Frame ID: 7E6982F24B4EB056B779FA8DCE21A7A5
Requests: 33 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/zrt_lookup_fy2021.html
Frame ID: BEACFFCE3727CC645CB109454628794C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3125188477567991&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1718436500&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Ftheguardianklmn.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=28~30~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=28~30~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=28_16~30_19~27_14&aiixl=28_4~30_6~27_3&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718436499751&bpp=5&bdt=396&idt=223&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1961715506760&frm=20&pv=2&ga_vid=389539435.1718436500&ga_sid=1718436500&ga_hid=2139233524&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95332584%2C95332925%2C95334508%2C95334529%2C95334573%2C95334579%2C95334054%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3385953101725882&tmod=327095292&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=293
Frame ID: 05574D991B2CAABF5D4892E9492BAFE9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 535592C74D63A433F6871F861783D995
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3125188477567991&output=html&h=280&slotname=6376216710&adk=1229917956&adf=3812065376&pi=t.ma~as.6376216710&w=893&abgtt=6&fwrn=4&fwrnh=100&lmt=1718436501&rafmt=1&format=893x280&url=https%3A%2F%2Ftheguardianklmn.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718436501260&bpp=2&bdt=1905&idt=-M&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=1961715506760&frm=20&pv=1&ga_vid=389539435.1718436500&ga_sid=1718436500&ga_hid=2139233524&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95332584%2C95332925%2C95334508%2C95334529%2C95334573%2C95334579%2C95334054%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3385953101725882&tmod=327095292&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=4
Frame ID: 376428AD53652213B69465D6308DCD3F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3125188477567991&output=html&h=280&slotname=9108021954&adk=3093450888&adf=3081562986&pi=t.ma~as.9108021954&w=893&abgtt=6&fwrn=4&fwrnh=100&lmt=1718436501&rafmt=1&format=893x280&url=https%3A%2F%2Ftheguardianklmn.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718436501260&bpp=1&bdt=1905&idt=1&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C893x280&nras=1&correlator=1961715506760&frm=20&pv=1&ga_vid=389539435.1718436500&ga_sid=1718436500&ga_hid=2139233524&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=1357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95332584%2C95332925%2C95334508%2C95334529%2C95334573%2C95334579%2C95334054%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3385953101725882&tmod=327095292&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Frame ID: 6F786B1398B8B292C893F85306580D4D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

40
Requests

98 %
HTTPS

57 %
IPv6

11
Domains

13
Subdomains

15
IPs

4
Countries

1348 kB
Transfer

3024 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
theguardianklmn.com/ 3 KB
2 KB 367ms
294ms Document
text/html 172.67.175.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theguardianklmn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.175.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a202be1242aeed8341d8febcf4d12f28ac9dcdc5d55adc86b1438e2ee6130409

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8940d7b72d921d8c-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 15 Jun 2024 07:28:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CpMHT41ZSKL7ZA4%2F52Z0jkQXMPTKoHAh89k91IKO9KVf4Cp7ludDCVXlNV4sYP%2BgyU6MIOReoCevRgSjDnyiH8pWMXFqSwaS7c%2FKfUEmmZwwjfhRJIrEwkDkQt5t%2ByzFQCaifeVr"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

GET
H2 200 bundle.axios.b49b59d3.js Show response
static.cdns.space/news/js/ 34 KB
12 KB 91ms
23ms Script
application/javascript 34.120.220.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdns.space/news/js/bundle.axios.b49b59d3.js
Requested by: Host: theguardianklmn.com
URL: https://theguardianklmn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.220.120.34.bc.googleusercontent.com
Software: OBS /
Resource Hash: 81cfd5a6139bef8ca4a6119ce20e9f674fc1c92fcc6a09dc4cdb7a9b4c10cb71

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 03:24:13 GMT
content-encoding: br
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSC14iX0VkXK8/9XadkGE8vF5eh8HlF7
via: 1.1 google
server: OBS
last-modified: Wed, 12 Jun 2024 03:18:44 GMT
age: 273846
etag: "2dce5340d1ce5bacfc134b5b734c7035"
content-type: application/javascript
cache-control: public,max-age=2592000
x-obs-request-id: 000001900A7980BF941FFEF693E270C0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12044

GET
H2 200 bundle._firebase.96fdd5c4.js Show response
static.cdns.space/news/js/ 42 KB
12 KB 93ms
26ms Script
application/javascript 34.120.220.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdns.space/news/js/bundle._firebase.96fdd5c4.js
Requested by: Host: theguardianklmn.com
URL: https://theguardianklmn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.220.120.34.bc.googleusercontent.com
Software: OBS /
Resource Hash: 879a8ff307ce35a2d4087794dbf886d7d3e6d8a9b78d36eac890b506822fb674

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 03:24:13 GMT
content-encoding: br
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSi3XmI0gMsz8EsiBu/T1mLZrGjLngcD
via: 1.1 google
server: OBS
last-modified: Wed, 12 Jun 2024 03:18:44 GMT
age: 273846
etag: "363563600e2b9ef6c072391f98e8e640"
content-type: application/javascript
cache-control: public,max-age=2592000
x-obs-request-id: 000001900A7980CA980D901ABD5E155B
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12072

GET
H2 200 main.95b757a0.js Show response
static.cdns.space/news/ 233 KB
67 KB 110ms
42ms Script
application/javascript 34.120.220.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdns.space/news/main.95b757a0.js
Requested by: Host: theguardianklmn.com
URL: https://theguardianklmn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.220.120.34.bc.googleusercontent.com
Software: OBS /
Resource Hash: 1867103221d661e54c1578fde84ef2ae26b30032de844760fd4e5c347bd06f8f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 08:16:37 GMT
content-encoding: br
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSkXfMY6Nl1VGfBghpVIp3vmaa5kigwk
via: 1.1 google
server: OBS
last-modified: Fri, 14 Jun 2024 08:10:17 GMT
age: 83502
etag: "e8ec2cb83f5274df9a34934e4d123293"
content-type: application/javascript
cache-control: public,max-age=2592000
x-obs-request-id: 0000019015D1ECC59412F368A3E0171D
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68668

GET
H2 200 home.84f138d9.css
static.cdns.space/news/css/ 6 KB
1 KB 87ms
20ms Stylesheet
text/css 34.120.220.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdns.space/news/css/home.84f138d9.css
Requested by: Host: theguardianklmn.com
URL: https://theguardianklmn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.220.120.34.bc.googleusercontent.com
Software: OBS /
Resource Hash: 2d888d1a1a95aed1aedfff14ed06d498fc36f46d3141e9e396990e222fcd08d4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 06:53:20 GMT
content-encoding: br
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSKZsuSWd9xK8coXBtAETsOE01w0mK5L
via: 1.1 google
server: OBS
last-modified: Thu, 13 Jun 2024 06:47:46 GMT
age: 174899
etag: "2c44e6f5cdbeebab36be19ef818b0eea"
content-type: text/css
cache-control: public,max-age=2592000
x-obs-request-id: 00000190105F50CD9814F0F67E485EFD
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1224

GET
H2 200 home.1d669a85.js Show response
static.cdns.space/news/js/ 7 KB
3 KB 88ms
22ms Script
application/javascript 34.120.220.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdns.space/news/js/home.1d669a85.js
Requested by: Host: theguardianklmn.com
URL: https://theguardianklmn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.220.120.34.bc.googleusercontent.com
Software: OBS /
Resource Hash: 06dc95ebccdc6c2f7fb67ac1317a8906ba3dc612870befcdc0453a7e22aa9e30

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 06:33:13 GMT
content-encoding: br
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSMQTG8AhBoqgR7GWVJwWJ/4JI9t8nCN
via: 1.1 google
server: OBS
last-modified: Thu, 13 Jun 2024 06:27:56 GMT
age: 176106
etag: "00c8787cbc6b315407004f769cb9629d"
content-type: application/javascript
cache-control: public,max-age=2592000
x-obs-request-id: 00000190104CE56F98085DC64F5947CE
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2468

GET
H2 200 chunk-55ef3d61.79a31e29.css
static.cdns.space/news/css/ 0
1 KB 116ms
69ms Other
text/css 34.120.220.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdns.space/news/css/chunk-55ef3d61.79a31e29.css
Requested by: Host: theguardianklmn.com
URL: https://theguardianklmn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.220.120.34.bc.googleusercontent.com
Software: OBS /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 06:53:20 GMT
content-encoding: br
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSidW+l5qsnd77y304LCJPVgp8xCLRyu
via: 1.1 google
server: OBS
last-modified: Thu, 13 Jun 2024 06:47:46 GMT
age: 174899
etag: "7afc9172a7d1c0d2bb9f695d5060fdca"
content-type: text/css
cache-control: public,max-age=2592000
x-obs-request-id: 00000190105F50C09412F3A195B43714
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 986

GET
H2 200 bundle.core-js.960643ae.js
static.cdns.space/news/js/ 0
4 KB 42ms
26ms Other
application/javascript 34.120.220.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdns.space/news/js/bundle.core-js.960643ae.js
Requested by: Host: theguardianklmn.com
URL: https://theguardianklmn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.220.120.34.bc.googleusercontent.com
Software: OBS /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 03:24:14 GMT
content-encoding: br
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAPjRFDVyRGS3rRDQdHucAQnHYeNyjc
via: 1.1 google
server: OBS
last-modified: Wed, 12 Jun 2024 03:18:44 GMT
age: 273845
etag: "829750d9fb3f84b43a102ec93ef40e93"
content-type: application/javascript
cache-control: public,max-age=2592000
x-obs-request-id: 000001900A798409941A7DF8DBC90A22
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383

GET
H2 200 chunk-55ef3d61.ad15843b.js
static.cdns.space/news/js/ 0
2 KB 32ms
27ms Other
application/javascript 34.120.220.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdns.space/news/js/chunk-55ef3d61.ad15843b.js
Requested by: Host: theguardianklmn.com
URL: https://theguardianklmn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.220.120.34.bc.googleusercontent.com
Software: OBS /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 06:33:14 GMT
content-encoding: br
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSxTnt4MOJnnBxbRPABd0IiYnoGoGSmA
via: 1.1 google
server: OBS
last-modified: Thu, 13 Jun 2024 06:27:55 GMT
age: 176105
etag: "4ea5949ed002270181fe8c240040970f"
content-type: application/javascript
cache-control: public,max-age=2592000
x-obs-request-id: 00000190104CE97A9412F2BEE9B6060C
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2174

GET
H2 200 bundle.core-js.960643ae.js Show response
static.cdns.space/news/js/ 14 KB
0 0ms
0ms Script
application/javascript 34.120.220.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdns.space/news/js/bundle.core-js.960643ae.js
Requested by: Host: static.cdns.space
URL: https://static.cdns.space/news/main.95b757a0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.220.120.34.bc.googleusercontent.com
Software: OBS /
Resource Hash: 2b52caddecc00d834db84af3ea143970d26ed06ba594d5cf340b9c8f77d4c3ce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 03:24:14 GMT
content-encoding: br
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAPjRFDVyRGS3rRDQdHucAQnHYeNyjc
via: 1.1 google
server: OBS
last-modified: Wed, 12 Jun 2024 03:18:44 GMT
age: 273845
etag: "829750d9fb3f84b43a102ec93ef40e93"
content-type: application/javascript
cache-control: public,max-age=2592000
x-obs-request-id: 000001900A798409941A7DF8DBC90A22
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:883227955075:web:c25f38b17738e6680670b6/ 268 B
384 B 178ms
176ms Fetch
application/json 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:883227955075:web:c25f38b17738e6680670b6/webConfig

Requested by

Host: static.cdns.space
URL: https://static.cdns.space/news/js/bundle._firebase.96fdd5c4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6efaa9605942097007f5e2405e53552643f3146ad428a1c19465a255efc448e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
accept: application/json
Referer: https://theguardianklmn.com/
x-goog-api-key: AIzaSyC1P6oiqJZv89IwYZ7ONsiuUqI85cI_pbI
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://theguardianklmn.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 194
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:883227955075:web:c25f38b17738e6680670b6/ Frame 0
0 115ms
38ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:883227955075:web:c25f38b17738e6680670b6/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://theguardianklmn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://theguardianklmn.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 15 Jun 2024 07:28:19 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
51 KB 109ms
61ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3125188477567991

Requested by

Host: static.cdns.space
URL: https://static.cdns.space/news/js/home.1d669a85.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

791289ab7a8cf358321ada96ca290a609aef02f97eb26f0b474c972b1159ff95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Origin: https://theguardianklmn.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:28:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52021
x-xss-protection: 0
server: cafe
etag: 4175821257640590487
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 15 Jun 2024 07:28:19 GMT

POST
H/1.1 200
OK summary Show response
gbw.cmpc.fun/v1/tc/a/ 13 KB
13 KB 309ms
309ms XHR
application/json 119.8.184.92
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://gbw.cmpc.fun/v1/tc/a/summary
Requested by: Host: static.cdns.space
URL: https://static.cdns.space/news/js/bundle.axios.b49b59d3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.8.184.92 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-119-8-184-92.compute.hwclouds-dns.com
Software: elb /
Resource Hash: 7734d0d332aed5d4de7fc6f7dd84dd990295586f95b61696ae5b26d05b71f287

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 15 Jun 2024 07:28:20 GMT
Server: elb
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive

OPTIONS
H/1.1 200
OK summary
gbw.cmpc.fun/v1/tc/a/ Frame 0
0 908ms
290ms Preflight 119.8.184.92
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://gbw.cmpc.fun/v1/tc/a/summary
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.8.184.92 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-119-8-184-92.compute.hwclouds-dns.com
Software: elb /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://theguardianklmn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Sat, 15 Jun 2024 07:28:20 GMT
Server: elb
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H3 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/bbcmnop-com0612/ 622 B
509 B 386ms
385ms Fetch
application/json 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/bbcmnop-com0612/installations

Requested by

Host: static.cdns.space
URL: https://static.cdns.space/news/js/bundle._firebase.96fdd5c4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f10.1e100.net

Software

ESF /

Resource Hash

4c6f8d9397c1ec6c2de930ff14e31534462ad694d4c3febfc18fd05265fcfaed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMTMgZmlyZS1jb3JlLWVzbTIwMTcvMC45LjEzIGZpcmUtanMvIGZpcmUtanMtYWxsLWFwcC85LjIzLjAgZmlyZS1paWQvMC42LjQgZmlyZS1paWQtZXNtMjAxNy8wLjYuNCBmaXJlLWFuYWx5dGljcy8wLjEwLjAgZmlyZS1hbmFseXRpY3MtZXNtMjAxNy8wLjEwLjAiLCJkYXRlcyI6WyIyMDI0LTA2LTE1Il19XX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://theguardianklmn.com/
x-goog-api-key: AIzaSyC1P6oiqJZv89IwYZ7ONsiuUqI85cI_pbI
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://theguardianklmn.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 486
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/bbcmnop-com0612/ Frame 0
0 97ms
33ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/bbcmnop-com0612/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://theguardianklmn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://theguardianklmn.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 15 Jun 2024 07:28:19 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/ 426 KB
144 KB 134ms
77ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3125188477567991&plah=theguardianklmn.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3125188477567991

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

61ad38fef63e13eb1c12a099c3a23ba4dcbb65969f3dc8b41c8185d7d50f8f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:28:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147282
x-xss-protection: 0
server: cafe
etag: 11624099013875241669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 15 Jun 2024 07:28:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
88 KB 143ms
63ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-L57BCEVNPX

Requested by

Host: static.cdns.space
URL: https://static.cdns.space/news/js/bundle._firebase.96fdd5c4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bfa9486b78194b489d5c15ec577c13feaa2d6b38bae8ea1a533d6d5570a2a6c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:28:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89849
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Jun 2024 07:28:19 GMT

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/ Frame BEAC 0
0 64ms
20ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3125188477567991&plah=theguardianklmn.com&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://theguardianklmn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 41400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4165
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jun 2024 19:58:20 GMT
etag: 16861080603521627538
expires: Fri, 28 Jun 2024 19:58:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 0557 0
0 70ms
68ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3125188477567991&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1718436500&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Ftheguardianklmn.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=28~30~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=28~30~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=28_16~30_19~27_14&aiixl=28_4~30_6~27_3&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718436499751&bpp=5&bdt=396&idt=223&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1961715506760&frm=20&pv=2&ga_vid=389539435.1718436500&ga_sid=1718436500&ga_hid=2139233524&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95332584%2C95332925%2C95334508%2C95334529%2C95334573%2C95334579%2C95334054%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3385953101725882&tmod=327095292&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=293

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://theguardianklmn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Jun 2024 07:28:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Fetch
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3125188477567991
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f2.1e100.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Fetch
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3125188477567991&plah=theguardianklmn.com&aplac=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f2.1e100.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 91ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L57BCEVNPX&gtm=45je46c0v9187592674za200&_p=1718436499866&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&_fid=cXjiZIxnJmcNjx__-Wh1qn&cid=389539435.1718436500&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718436500&sct=1&seg=0&dl=https%3A%2F%2Ftheguardianklmn.com%2F&dt=News&en=page_view&_fv=1&_ss=1&_ee=1&ep.origin=firebase&tfd=1177
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-L57BCEVNPX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 07:28:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theguardianklmn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 69ms
69ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240612&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

a1e676fc5c7aff2a783486d0030845085696cc9b9b176d8f32f5a4831c9e266c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:28:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12614
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 88ms
36ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 07:28:20 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5355 0
0 66ms
19ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://theguardianklmn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 8999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Jun 2024 04:58:21 GMT
expires: Sun, 15 Jun 2025 04:58:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecca21d29891d8a2205f4c6921218c7ab109f8885968a40f3d6c2e18172e1058

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 insomeway.jpg
larryferlazzo.edublogs.org/files/2024/05/ 17 KB
17 KB 96ms
40ms Image
image/webp 2606:4700::6810:117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://larryferlazzo.edublogs.org/files/2024/05/insomeway.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b139013ae914739733faca863327eb729307bff0c4d1aca1f38e2963a9ed97b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:28:21 GMT
x-amz-version-id: BsFSxMpuROXyc99Vt0eV698M8XynwOMV
cf-cache-status: HIT
x-amz-request-id: VS86W5FGX2HJJB6E
age: 34928
cf-polished: qual=85, origFmt=jpeg, origSize=19126
x-amz-server-side-encryption: AES256
x-moha-origin: https://s3.amazonaws.com/user.files.edublogs.org/dist/2/38582/files/2024/05/insomeway.jpg
content-disposition: inline; filename="insomeway.webp"
content-length: 16964
x-amz-id-2: w8HTs3SP4mGPORg7Mv8QAYmkjElSyzYfzx0vC0BXUM6I7vUGE1Ag7eZ3TGUjKfVv0JcjmlMejss=
x-amz-meta-compressed: 27.74
cf-bgj: imgq:85,h2pri
last-modified: Tue, 28 May 2024 01:07:25 GMT
server: cloudflare
etag: "12fee6b4739e89b4ec0e40ca2e955094"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8940d7c48f4d1999-FRA
expires: Sun, 15 Jun 2025 07:28:21 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 3764 0
0 42ms
42ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3125188477567991&output=html&h=280&slotname=6376216710&adk=1229917956&adf=3812065376&pi=t.ma~as.6376216710&w=893&abgtt=6&fwrn=4&fwrnh=100&lmt=1718436501&rafmt=1&format=893x280&url=https%3A%2F%2Ftheguardianklmn.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718436501260&bpp=2&bdt=1905&idt=-M&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=1961715506760&frm=20&pv=1&ga_vid=389539435.1718436500&ga_sid=1718436500&ga_hid=2139233524&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95332584%2C95332925%2C95334508%2C95334529%2C95334573%2C95334579%2C95334054%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3385953101725882&tmod=327095292&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://theguardianklmn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Jun 2024 07:28:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 6F78 0
0 46ms
46ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3125188477567991&output=html&h=280&slotname=9108021954&adk=3093450888&adf=3081562986&pi=t.ma~as.9108021954&w=893&abgtt=6&fwrn=4&fwrnh=100&lmt=1718436501&rafmt=1&format=893x280&url=https%3A%2F%2Ftheguardianklmn.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718436501260&bpp=1&bdt=1905&idt=1&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C893x280&nras=1&correlator=1961715506760&frm=20&pv=1&ga_vid=389539435.1718436500&ga_sid=1718436500&ga_hid=2139233524&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=1357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95332584%2C95332925%2C95334508%2C95334529%2C95334573%2C95334579%2C95334054%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3385953101725882&tmod=327095292&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://theguardianklmn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Jun 2024 07:28:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Screenshot-2024-06-14-at-3.33.42%E2%80%AFPM-1024x522.png
www.eduwonk.com/wp-content/uploads/2024/06/ 216 KB
216 KB 1397ms
329ms Image
image/png 2604:4f00:10:31a5:0:12:709:1
TIGERTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eduwonk.com/wp-content/uploads/2024/06/Screenshot-2024-06-14-at-3.33.42%E2%80%AFPM-1024x522.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2604:4f00:10:31a5:0:12:709:1 Berkeley, United States, ASN47002 (TIGERTECH, US),

Reverse DNS

Software

Apache /

Resource Hash

19d168cd2aad2cda0abbe60b3c5813d302c1a9c00ca5c52080eb5b3e0a8bcb21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=300
date: Sat, 15 Jun 2024 07:28:22 GMT
last-modified: Fri, 14 Jun 2024 19:33:54 GMT
tt-server: t=1718436502465787 D=1834
server: Apache
etag: "35fa3-61adeb223a7c6"
content-type: image/png
accept-ranges: bytes
content-length: 221091

GET
H3 200 memory-book-1st-2nd-3rd-4th-5th-grade-1024x538.jpg
jodidurgin.com/wp-content/uploads/2024/06/ 131 KB
132 KB 644ms
585ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jodidurgin.com/wp-content/uploads/2024/06/memory-book-1st-2nd-3rd-4th-5th-grade-1024x538.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: e5708bfb7ad166ebc2db6bc7fd8c3c7fd31f7db272fcdc2ec9231b8eedbd72c0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:28:21 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: centminmod
alt-svc: h3=":443"; ma=86400
content-length: 134619
last-modified: Wed, 12 Jun 2024 12:42:25 GMT
server: cloudflare
etag: "666997b1-20ddb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XexGQibn5IbULVxqreOgLPo%2FFxTzoLk64DZ%2BSHDObFW5Bfiq376k2Wl%2FouyywiTNu8YvWKOw6TUEMvTcybx9cq8NQQ0CUs2a8KxPDfxnj94mxOdav7A19d3V7GqTrPMotg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-hosted-by: BigScoots
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
cf-ray: 8940d7c5b9a29be6-FRA

GET
H2 200 civicseason.jpg
larryferlazzo.edublogs.org/files/2021/07/ 22 KB
23 KB 40ms
39ms Image
image/webp 2606:4700::6810:117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://larryferlazzo.edublogs.org/files/2021/07/civicseason.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7528897918462354c426ead2b0aefe5c40e67f01efb4b7e09ba03651e854a91e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:28:21 GMT
x-amz-version-id: MtXKNnP6GozoOvGyLwuJkvGHTp6ZVj75
cf-cache-status: HIT
x-amz-request-id: 893PMQ0DAYJ294BK
age: 86491
cf-polished: qual=85, origFmt=jpeg, origSize=27957
x-amz-server-side-encryption: AES256
x-moha-origin: https://s3.amazonaws.com/user.files.edublogs.org/dist/2/38582/files/2021/07/civicseason.jpg
content-disposition: inline; filename="civicseason.webp"
content-length: 22660
x-amz-id-2: cLyVWzGeGQZsi/H+qBg/BUvEjOrrL+Nx9Jm5xy6Nrm+hiSSrARaEyyow0YM2HlvBNnghQO4fLss=
x-amz-meta-compressed: 20.45
cf-bgj: imgq:85,h2pri
last-modified: Thu, 01 Jul 2021 16:27:59 GMT
server: cloudflare
etag: "b46e612f32de79ba244048abd677b84c"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8940d7c5582e1999-FRA
expires: Sun, 15 Jun 2025 07:28:21 GMT

GET
H2 200 Praise-Supplication-3-scaled.jpg
bukashub.com/wp-content/uploads/2024/06/ 419 KB
419 KB 500ms
156ms Image
image/jpeg 2a02:4780:b:1328:0:1451:6fee:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bukashub.com/wp-content/uploads/2024/06/Praise-Supplication-3-scaled.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1328:0:1451:6fee:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8e491f74a6a644a1376e0bf3cc8666e63a64252733dd496634be9e2c5b883a52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:28:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 13 Jun 2024 13:08:20 GMT
server: LiteSpeed
etag: "68b7b-666aef44-bb92e8c108c21310;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 428923
expires: Sat, 22 Jun 2024 07:28:21 GMT

GET
H2 200 Any-source-of-bias-in-2ciowos-20hfs8p.jpg
larryferlazzo.edublogs.org/files/2017/08/ 119 KB
120 KB 534ms
533ms Image
image/jpeg 2606:4700::6810:117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://larryferlazzo.edublogs.org/files/2017/08/Any-source-of-bias-in-2ciowos-20hfs8p.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ab515a4890fb3bbcb7a728cbcc7f46019fda2bf384663434ecc142a1d505747

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:28:21 GMT
x-amz-version-id: yZFNhzCHLbTma9AfIJsbBoO38MoQ1oLd
cf-cache-status: REVALIDATED
x-amz-request-id: ZS9JTHDJ641CR2Q8
cf-polished: degrade=85, origSize=141734, status=webp_bigger
x-moha-origin: https://s3.amazonaws.com/user.files.edublogs.org/dist/2/38582/files/2017/08/Any-source-of-bias-in-2ciowos-20hfs8p.jpg
content-length: 122188
x-amz-id-2: 9vrg0PpiSyCAHaK077ux0MEeVldGzjEN45d1zG2UMbtPKZHN7g/Ohyy3RBzcoG7VKAtfWE5mHhc=
cf-bgj: imgq:85,h2pri
last-modified: Sat, 05 Aug 2017 21:58:05 GMT
server: cloudflare
etag: "c30413420c4e9e9b0f352b157f56ffe9"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=72000
accept-ranges: bytes
cf-ray: 8940d7c558301999-FRA
expires: Sun, 16 Jun 2024 03:28:21 GMT

GET
H2 200 Screenshot-2024-06-14-at-3.33.42%E2%80%AFPM-1024x522.png
www.eduwonk.com/wp-content/uploads/2024/06/ 216 KB
0 1198ms
1198ms Image
image/png 2604:4f00:10:31a5:0:12:709:1
TIGERTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eduwonk.com/wp-content/uploads/2024/06/Screenshot-2024-06-14-at-3.33.42%E2%80%AFPM-1024x522.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2604:4f00:10:31a5:0:12:709:1 Berkeley, United States, ASN47002 (TIGERTECH, US),

Reverse DNS

Software

Apache /

Resource Hash

19d168cd2aad2cda0abbe60b3c5813d302c1a9c00ca5c52080eb5b3e0a8bcb21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sat, 15 Jun 2024 07:28:22 GMT
last-modified: Fri, 14 Jun 2024 19:33:54 GMT
tt-server: t=1718436502465787 D=1834
server: Apache
etag: "35fa3-61adeb223a7c6"
content-type: image/png
accept-ranges: bytes
content-length: 221091

GET
H3 200 memory-book-1st-2nd-3rd-4th-5th-grade-1024x538.jpg
jodidurgin.com/wp-content/uploads/2024/06/ 131 KB
0 445ms
444ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jodidurgin.com/wp-content/uploads/2024/06/memory-book-1st-2nd-3rd-4th-5th-grade-1024x538.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: e5708bfb7ad166ebc2db6bc7fd8c3c7fd31f7db272fcdc2ec9231b8eedbd72c0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:28:21 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: centminmod
alt-svc: h3=":443"; ma=86400
content-length: 134619
last-modified: Wed, 12 Jun 2024 12:42:25 GMT
server: cloudflare
etag: "666997b1-20ddb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XexGQibn5IbULVxqreOgLPo%2FFxTzoLk64DZ%2BSHDObFW5Bfiq376k2Wl%2FouyywiTNu8YvWKOw6TUEMvTcybx9cq8NQQ0CUs2a8KxPDfxnj94mxOdav7A19d3V7GqTrPMotg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-hosted-by: BigScoots
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
cf-ray: 8940d7c5b9a29be6-FRA

GET
H2 200 Praise-Supplication-3-scaled.jpg
bukashub.com/wp-content/uploads/2024/06/ 419 KB
0 302ms
302ms Image
image/jpeg 2a02:4780:b:1328:0:1451:6fee:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bukashub.com/wp-content/uploads/2024/06/Praise-Supplication-3-scaled.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1328:0:1451:6fee:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8e491f74a6a644a1376e0bf3cc8666e63a64252733dd496634be9e2c5b883a52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:28:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 13 Jun 2024 13:08:20 GMT
server: LiteSpeed
etag: "68b7b-666aef44-bb92e8c108c21310;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 428923
expires: Sat, 22 Jun 2024 07:28:21 GMT

GET
H2 200 Any-source-of-bias-in-2ciowos-20hfs8p.jpg
larryferlazzo.edublogs.org/files/2017/08/ 119 KB
0 336ms
336ms Image
image/jpeg 2606:4700::6810:117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://larryferlazzo.edublogs.org/files/2017/08/Any-source-of-bias-in-2ciowos-20hfs8p.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ab515a4890fb3bbcb7a728cbcc7f46019fda2bf384663434ecc142a1d505747

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://theguardianklmn.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:28:21 GMT
x-amz-version-id: yZFNhzCHLbTma9AfIJsbBoO38MoQ1oLd
cf-cache-status: REVALIDATED
x-amz-request-id: ZS9JTHDJ641CR2Q8
cf-polished: degrade=85, origSize=141734, status=webp_bigger
x-moha-origin: https://s3.amazonaws.com/user.files.edublogs.org/dist/2/38582/files/2017/08/Any-source-of-bias-in-2ciowos-20hfs8p.jpg
content-length: 122188
x-amz-id-2: 9vrg0PpiSyCAHaK077ux0MEeVldGzjEN45d1zG2UMbtPKZHN7g/Ohyy3RBzcoG7VKAtfWE5mHhc=
cf-bgj: imgq:85,h2pri
last-modified: Sat, 05 Aug 2017 21:58:05 GMT
server: cloudflare
etag: "c30413420c4e9e9b0f352b157f56ffe9"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=72000
accept-ranges: bytes
cf-ray: 8940d7c558301999-FRA
expires: Sun, 16 Jun 2024 03:28:21 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240612&jk=3385953101725882&bg=!8vGl8b7NAAb64txl2uI7ADQBe5WfOBALI_YkoidAYfpuLG4-UChXsm9LvZMhu-KspJVsc4D5nDs-JTB1tWCjwve24t-3AgAAALpSAAAABGgBB34ANU25qZ2dGIsm4YRosAdJCXQS3Uoyrssz7e8HQW0tFYmVNyCYcd9r3U9Nvzx9JENe27EANWjMmQKWOZFlJhB74n5vxHbnXhS5oGPNkICrfAVGtqxNIxHwlN97s9xmCehgutkb1K-mPD4-B5H7J2WAOlVrnP3g4OHxOQ4w_glti7Mdaq0YDPYSj7OnrNanVrJf5a2RmHAjk8eXdUUtm_RflBp110QCCfmCAtA9sQhL0puO9KU8hOqZMVt9FyAU6Vm8v7YM4jVigGrr5Gwby0q_CCC34gM4TpLEcFA6fdwdhin42ULZrQvDro_Ws_wnyixTWVPUzukUP8Qjvss2vhWA3WNOVNahPRM6nyxtAEIlNAbNEtiyehL8sgtdplak8rvKNgIYGuJOCg6WU00IU89g5fXPoH5h8x9U-qcVJYdsTaiEy8bclZhI0d01LXauMl1QPInW3Fa40R3EOeUtHk00tyn2KXIwsA4MgWLOIeczF7Z7LvHr7ZlLQX2e1FzoDbCYv8xHlZwPL5EOkIvDaNPYF4rVdcQsI5xnm5MmGfLwCb45unD8IS_G905_lg-lkgRRWuwHAv_VwZ_c58c7khxQEWEmqpob-44Rv2V7dwwC2wfGb3G-KZ_CMhat-qv5wEpwEa0qvXvRYrXVkN6fbp9U9bCoF0-4Iaj_0eT630LSBABklIuzMpHhVnnaF2C8_68ErYFh7DRlLzEwDcB-MK8lxbJk0IB8TMT_KLsiL450WXGKw07bISE3hZrToPav5Vc8RRrr9zJG6viQEIhIdxMVKgh6u2QGX0sE__8iYUh3Vq2LwbjAfQajnSllD1w3vec8DEmoX4JgpLUu72QJEZ1Tq3cZfKaVAFumIW1hmyuywYG-nUQ7jHlwI0Zo6Cr2FV6HKfuUhnUP1P_5Q-9-uIbSRR5F5eQciG5PREuSS7b1smJ-NPRTOvO0Ajwn84WzIzg

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.theguardianklmn.com/	1970-01-21 06:56:36	Name: _ga_L57BCEVNPX Value: GS1.1.1718436500.1.0.1718436500.0.0.0
			.theguardianklmn.com/	1970-01-21 06:56:36	Name: _ga Value: GA1.1.389539435.1718436500

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bukashub.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
gbw.cmpc.fun
jodidurgin.com
larryferlazzo.edublogs.org
pagead2.googlesyndication.com
region1.google-analytics.com
static.cdns.space
theguardianklmn.com
tpc.googlesyndication.com
www.eduwonk.com
www.googletagmanager.com
pagead2.googlesyndication.com
119.8.184.92
172.217.16.202
172.217.18.2
172.67.175.48
188.114.97.3
2001:4860:4802:34::36
2604:4f00:10:31a5:0:12:709:1
2606:4700::6810:117
2a00:1450:4001:812::2001
2a00:1450:4001:813::200a
2a00:1450:4001:81c::200a
2a00:1450:4001:831::2008
2a02:4780:b:1328:0:1451:6fee:10
34.120.220.213
06dc95ebccdc6c2f7fb67ac1317a8906ba3dc612870befcdc0453a7e22aa9e30
1867103221d661e54c1578fde84ef2ae26b30032de844760fd4e5c347bd06f8f
19d168cd2aad2cda0abbe60b3c5813d302c1a9c00ca5c52080eb5b3e0a8bcb21
2b52caddecc00d834db84af3ea143970d26ed06ba594d5cf340b9c8f77d4c3ce
2d888d1a1a95aed1aedfff14ed06d498fc36f46d3141e9e396990e222fcd08d4
3b139013ae914739733faca863327eb729307bff0c4d1aca1f38e2963a9ed97b
4c6f8d9397c1ec6c2de930ff14e31534462ad694d4c3febfc18fd05265fcfaed
61ad38fef63e13eb1c12a099c3a23ba4dcbb65969f3dc8b41c8185d7d50f8f6a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6efaa9605942097007f5e2405e53552643f3146ad428a1c19465a255efc448e6
7528897918462354c426ead2b0aefe5c40e67f01efb4b7e09ba03651e854a91e
7734d0d332aed5d4de7fc6f7dd84dd990295586f95b61696ae5b26d05b71f287
791289ab7a8cf358321ada96ca290a609aef02f97eb26f0b474c972b1159ff95
7ab515a4890fb3bbcb7a728cbcc7f46019fda2bf384663434ecc142a1d505747
81cfd5a6139bef8ca4a6119ce20e9f674fc1c92fcc6a09dc4cdb7a9b4c10cb71
879a8ff307ce35a2d4087794dbf886d7d3e6d8a9b78d36eac890b506822fb674
8e491f74a6a644a1376e0bf3cc8666e63a64252733dd496634be9e2c5b883a52
a1e676fc5c7aff2a783486d0030845085696cc9b9b176d8f32f5a4831c9e266c
a202be1242aeed8341d8febcf4d12f28ac9dcdc5d55adc86b1438e2ee6130409
bfa9486b78194b489d5c15ec577c13feaa2d6b38bae8ea1a533d6d5570a2a6c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5708bfb7ad166ebc2db6bc7fd8c3c7fd31f7db272fcdc2ec9231b8eedbd72c0
ecca21d29891d8a2205f4c6921218c7ab109f8885968a40f3d6c2e18172e1058

theguardianklmn.com Open in urlscan Pro 172.67.175.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

98 %HTTPS

57 %IPv6

11 Domains

13 Subdomains

15 IPs

4 Countries

1348 kBTransfer

3024 kBSize

2 Cookies

0 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

theguardianklmn.com Open in urlscan Pro
172.67.175.48 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

98 %
HTTPS

57 %
IPv6

11
Domains

13
Subdomains

15
IPs

4
Countries

1348 kB
Transfer

3024 kB
Size

2
Cookies

40 HTTP transactions
1 data transactions