tbdailynews.com Open in urlscan Pro
2606:4700:10::6816:2db8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.tbdailynews.com/
Effective URL:
https://tbdailynews.com/
Submission: On April 01 via manual (April 1st 2022, 3:27:50 am UTC) from US — Scanned from DE

Summary HTTP 462 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 82 IPs in 9 countries across 55 domains to perform 462 HTTP transactions. The main IP is 2606:4700:10::6816:2db8, located in United States and belongs to CLOUDFLARENET, US. The main domain is tbdailynews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 4th 2021. Valid for: a year.

This is the only time tbdailynews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 79	2606:4700:10:... 2606:4700:10::6816:2db8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
33	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
28	99.86.7.80 99.86.7.80	16509 (AMAZON-02) (AMAZON-02)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a01:7e00:1::... 2a01:7e00:1::b903:5c4c	63949 (LINODE-AP...) (LINODE-AP Linode)
8	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	192.229.233.25 192.229.233.25	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
33	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2 4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
4	2600:9000:205... 2600:9000:2057:5a00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.71 65.9.66.71	16509 (AMAZON-02) (AMAZON-02)
1	2a01:7e01:1::... 2a01:7e01:1::ac69:92e7	63949 (LINODE-AP...) (LINODE-AP Linode)
1 6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	151.101.65.194 151.101.65.194	54113 (FASTLY) (FASTLY)
5	65.9.71.173 65.9.71.173	16509 (AMAZON-02) (AMAZON-02)
5 11	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
5	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	65.9.66.19 65.9.66.19	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2016	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
4	143.204.215.111 143.204.215.111	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::200d	15169 (GOOGLE) (GOOGLE)
2	99.86.7.29 99.86.7.29	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.76 143.204.215.76	16509 (AMAZON-02) (AMAZON-02)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.211.187.4 34.211.187.4	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
5	35.186.236.140 35.186.236.140	15169 (GOOGLE) (GOOGLE)
3	23.205.241.117 23.205.241.117	16625 (AKAMAI-AS) (AKAMAI-AS)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
3	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
4	134.209.131.220 134.209.131.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	54.171.236.220 54.171.236.220	16509 (AMAZON-02) (AMAZON-02)
2	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
6	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
2 6	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
2	184.73.205.114 184.73.205.114	14618 (AMAZON-AES) (AMAZON-AES)
2	23.32.59.34 23.32.59.34	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
2	63.251.14.3 63.251.14.3	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
27	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
2	54.36.109.46 54.36.109.46	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
1	23.205.239.15 23.205.239.15	16625 (AKAMAI-AS) (AKAMAI-AS)
16	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	18.195.92.214 18.195.92.214	16509 (AMAZON-02) (AMAZON-02)
7 9	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 3	198.47.127.18 198.47.127.18	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	18.194.227.226 18.194.227.226	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	3.122.208.3 3.122.208.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3 3	3.121.53.174 3.121.53.174	16509 (AMAZON-02) (AMAZON-02)
2 2	52.17.151.21 52.17.151.21	16509 (AMAZON-02) (AMAZON-02)
462	82

79 2606:4700:10::6816:2db8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.tbdailynews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tbdailynews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 99.86.7.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-80.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:7e00:1::b903:5c4c (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)

monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.233.25 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2057:5a00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-71.fra56.r.cloudfront.net

ats-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:7e01:1::ac69:92e7 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)

ipwatch.monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.71.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-173.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.35.236.247 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-19.fra56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.215.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-111.fra53.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.7.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-29.fra6.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-76.fra53.r.cloudfront.net

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.211.187.4 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-187-4.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com

imps.monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.205.241.117 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-241-117.deploy.static.akamaitechnologies.com

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l3.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.150 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 134.209.131.220 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.236.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-236-220.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.36 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.73.205.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-205-114.compute-1.amazonaws.com

display.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.14.3 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.36.109.46 (France)

ASN16276 (OVH, FR)
PTR: p01.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.239.15 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-239-15.deploy.static.akamaitechnologies.com

www.aaxdetect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.92.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-92-214.eu-central-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.91 (Meerbusch, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.18 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.227.226 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-227-226.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.208.3 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-208-3.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

medianet-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.121.53.174 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-53-174.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.151.21 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	tbdailynews.com 1 redirects www.tbdailynews.com tbdailynews.com	2 MB
63	stripe.com js.stripe.com — Cisco Umbrella Rank: 1188 q.stripe.com — Cisco Umbrella Rank: 7309 r.stripe.com — Cisco Umbrella Rank: 5021 m.stripe.com — Cisco Umbrella Rank: 1132	751 KB
43	wp.com i0.wp.com — Cisco Umbrella Rank: 2873 c0.wp.com — Cisco Umbrella Rank: 7127 stats.wp.com — Cisco Umbrella Rank: 2718 pixel.wp.com — Cisco Umbrella Rank: 2543	2 MB
30	googlesyndication.com 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 125	159 KB
29	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1324 pbs.twimg.com — Cisco Umbrella Rank: 603 ton.twimg.com — Cisco Umbrella Rank: 5533	1 MB
26	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 257	544 KB
26	doubleclick.net 8 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 95 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 static.doubleclick.net — Cisco Umbrella Rank: 346 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 cm.g.doubleclick.net — Cisco Umbrella Rank: 206 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	234 KB
18	youtube.com www.youtube.com — Cisco Umbrella Rank: 92	907 KB
14	gstatic.com fonts.gstatic.com ssl.gstatic.com www.gstatic.com	136 KB
14	google.com apis.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 7 accounts.google.com — Cisco Umbrella Rank: 82 adservice.google.com — Cisco Umbrella Rank: 76	239 KB
12	casalemedia.com 5 redirects as-sec.casalemedia.com — Cisco Umbrella Rank: 1291 htlb.casalemedia.com — Cisco Umbrella Rank: 470 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 536	9 KB
12	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 280 fonts.googleapis.com — Cisco Umbrella Rank: 45 jnn-pa.googleapis.com — Cisco Umbrella Rank: 273 imasdk.googleapis.com — Cisco Umbrella Rank: 405	175 KB
10	monu.delivery monu.delivery — Cisco Umbrella Rank: 22906 ipwatch.monu.delivery — Cisco Umbrella Rank: 30729 imps.monu.delivery — Cisco Umbrella Rank: 25760	232 KB
9	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 579 syndication.twitter.com — Cisco Umbrella Rank: 828	215 KB
8	yahoo.com 2 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1133 ups.analytics.yahoo.com — Cisco Umbrella Rank: 287	4 KB
6	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	10 KB
6	media.net prebid.media.net — Cisco Umbrella Rank: 1198 cs.media.net — Cisco Umbrella Rank: 1799 contextual.media.net — Cisco Umbrella Rank: 511	4 KB
6	pubmatic.com 3 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 446 image8.pubmatic.com — Cisco Umbrella Rank: 589 image2.pubmatic.com — Cisco Umbrella Rank: 882	1 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 290	42 KB
5	privacymanager.io ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 12655 geo.privacymanager.io — Cisco Umbrella Rank: 1469	82 KB
4	serverbid.com e.serverbid.com — Cisco Umbrella Rank: 3180	2 KB
4	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 3444 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4164 signal-beacon.s-onetag.com — Cisco Umbrella Rank: 4282	18 KB
4	stripe.network m.stripe.network — Cisco Umbrella Rank: 1245	32 KB
4	facebook.com 2 redirects www.facebook.com — Cisco Umbrella Rank: 99	3 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 285	2 KB
3	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 1704 sync.go.sonobi.com — Cisco Umbrella Rank: 1004	2 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1658 id5-sync.com — Cisco Umbrella Rank: 607	12 KB
3	aaxads.com c.aaxads.com — Cisco Umbrella Rank: 4304 l3.aaxads.com — Cisco Umbrella Rank: 5252	140 KB
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 2908	894 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 873	1 KB
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 350	626 B
2	clarium.io protected-by.clarium.io — Cisco Umbrella Rank: 1909	690 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	73 KB
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 602	1 KB
2	33across.com ssc.33across.com — Cisco Umbrella Rank: 1486	530 B
2	bfmio.com display.bfmio.com — Cisco Umbrella Rank: 17769	927 B
2	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 611	449 B
2	districtm.io dmx.districtm.io — Cisco Umbrella Rank: 1515	319 B
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1149	553 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 326	1 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1571	84 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 207	5 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 136	83 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 954	18 KB
1	dotomi.com medianet-match.dotomi.com — Cisco Umbrella Rank: 9232	104 B
1	criteo.com 1 redirects dis.criteo.com — Cisco Umbrella Rank: 697	530 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 13097	869 B
1	aaxdetect.com www.aaxdetect.com — Cisco Umbrella Rank: 7131	324 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8069	792 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 801	328 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 106	36 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 709	13 KB
1	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 4816	410 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	38 KB
462	55

	Domain	Requested by
78	tbdailynews.com	tbdailynews.com c0.wp.com
33	c0.wp.com	tbdailynews.com
28	js.stripe.com	tbdailynews.com js.stripe.com
26	s0.2mdn.net	tbdailynews.com 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com s0.2mdn.net
26	pbs.twimg.com	tbdailynews.com
25	r.stripe.com	js.stripe.com
18	www.youtube.com	tbdailynews.com c0.wp.com www.youtube.com apis.google.com
16	pagead2.googlesyndication.com	21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com tbdailynews.com tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
11	tpc.googlesyndication.com	21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com tbdailynews.com securepubads.g.doubleclick.net tpc.googlesyndication.com
9	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	q.stripe.com	tbdailynews.com
8	apis.google.com	tbdailynews.com apis.google.com www.youtube.com accounts.google.com
7	platform.twitter.com	c0.wp.com platform.twitter.com tbdailynews.com
7	i0.wp.com	tbdailynews.com
6	ib.adnxs.com	2 redirects monu.delivery googleads.g.doubleclick.net
6	c2shb.pubgw.yahoo.com	monu.delivery
6	ssl.gstatic.com	accounts.google.com tbdailynews.com
6	googleads.g.doubleclick.net	1 redirects www.youtube.com 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com tbdailynews.com
6	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
5	imps.monu.delivery	tbdailynews.com
5	securepubads.g.doubleclick.net	monu.delivery securepubads.g.doubleclick.net
5	c.amazon-adsystem.com	monu.delivery c.amazon-adsystem.com
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net tbdailynews.com
4	e.serverbid.com	monu.delivery
4	geo.privacymanager.io	ats-wrapper.privacymanager.io
4	jnn-pa.googleapis.com	www.youtube.com
4	m.stripe.network	js.stripe.com m.stripe.network
4	www.facebook.com	2 redirects connect.facebook.net
4	fonts.googleapis.com	tbdailynews.com js.stripe.com ajax.googleapis.com
4	monu.delivery	tbdailynews.com monu.delivery
3	x.bidswitch.net	3 redirects
3	image8.pubmatic.com	2 redirects
3	21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
3	www.google.com	www.youtube.com 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com tpc.googlesyndication.com
3	ajax.googleapis.com	tbdailynews.com
2	ads.avct.cloud	2 redirects
2	pm.w55c.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	contextual.media.net
2	cs.media.net
2	protected-by.clarium.io	21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
2	www.googletagservices.com	21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
2	ton.twimg.com	platform.twitter.com
2	id5-sync.com	cdn.id5-sync.com monu.delivery
2	ap.lijit.com	monu.delivery
2	ssc.33across.com	monu.delivery
2	htlb.casalemedia.com	monu.delivery
2	display.bfmio.com	monu.delivery
2	prebid.media.net	monu.delivery
2	ads.yieldmo.com	monu.delivery
2	hbopenbid.pubmatic.com	monu.delivery
2	dmx.districtm.io	monu.delivery
2	prebid.a-mo.net	monu.delivery
2	apex.go.sonobi.com	monu.delivery
2	c.aaxads.com	tbdailynews.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	m.stripe.com	m.stripe.network
2	match.adsrvr.org	js-sec.indexww.com monu.delivery
2	onetag-geo.s-onetag.com	get.s-onetag.com signal-beacon.s-onetag.com
2	accounts.google.com	apis.google.com tbdailynews.com
2	syndication.twitter.com	1 redirects platform.twitter.com
2	confiant-integrations.global.ssl.fastly.net	monu.delivery confiant-integrations.global.ssl.fastly.net
2	yt3.ggpht.com	www.youtube.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	c0.wp.com connect.facebook.net
2	stats.wp.com	tbdailynews.com
2	use.fontawesome.com	tbdailynews.com
1	medianet-match.dotomi.com
1	dis.criteo.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	sync.go.sonobi.com
1	ssum-sec.casalemedia.com	1 redirects
1	m.exactag.com	21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
1	l3.aaxads.com	tbdailynews.com
1	www.aaxdetect.com	tbdailynews.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	cdn.syndication.twimg.com	platform.twitter.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	cdn.id5-sync.com	tbdailynews.com
1	api.rlcdn.com	js-sec.indexww.com monu.delivery
1	signal-beacon.s-onetag.com	get.s-onetag.com
1	i.ytimg.com	www.youtube.com
1	get.s-onetag.com	monu.delivery
1	js-sec.indexww.com	monu.delivery
1	imasdk.googleapis.com	monu.delivery
1	static.doubleclick.net	www.youtube.com
1	pixel.wp.com	tbdailynews.com
1	ipwatch.monu.delivery	monu.delivery
1	ats-wrapper.privacymanager.io	monu.delivery
1	stats.g.doubleclick.net	www.google-analytics.com
1	vjs.zencdn.net	tbdailynews.com
1	www.googletagmanager.com	tbdailynews.com
1	www.tbdailynews.com	1 redirects
462	96

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.facebook.com
twitter.com
www.instagram.com
www.tiktok.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-04` - `2022-09-03`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-01-26` - `2022-05-04`	3 months	crt.sh
*.monu.delivery Sectigo RSA Domain Validation Secure Server CA	`2022-02-07` - `2023-03-10`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-08` - `2022-04-08`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2022-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.s-onetag.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-11` - `2022-05-04`	4 months	crt.sh
imps.monu.delivery GTS CA 1D4	`2022-02-15` - `2022-05-16`	3 months	crt.sh
*.aaxads.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
cdn.id5-sync.com R3	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.a-mo.net R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
e.serverbid.com R3	`2022-01-17` - `2022-04-17`	3 months	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.yieldmo.com Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-12` - `2022-05-05`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-08-31`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.bfmio.com Amazon	`2021-05-16` - `2022-06-14`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2022-03-22` - `2022-06-20`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.aaxdetect.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
protected-by.clarium.io Gandi Standard SSL CA 2	`2020-04-03` - `2022-04-26`	2 years	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-16` - `2022-09-14`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://tbdailynews.com/
Frame ID: 369EA05314F9FA8DE38FA648FCC8BB69
Requests: 214 HTTP requests in this frame

Frame: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Frame ID: 1109034B3A53053A839DCD7BA7AC0E41
Requests: 37 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jp2diXWZLYA
Frame ID: 63479E9969F30C880AAD549E3D04D2A8
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jp2diXWZLYA
Frame ID: 23E61F5B0DFD33FBF2B70722791B1FA0
Requests: 20 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
Frame ID: F0758E229BA235D35A2074DA29E105D0
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-3f5e58058b639d6c728fd085d602c51b.html
Frame ID: 6D1FB2541B6573FA5E1B9C0DEC56D36D
Requests: 29 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html
Frame ID: 073F864EDA25337C862240F47CCBD707
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html
Frame ID: 8CEC69C18A6090148EBB3747AC590C4D
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html
Frame ID: DA0BD95AA4C97095080F4CF9478FB2D5
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df82cfb7192ead4%2526domain%253Dtbdailynews.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftbdailynews.com%25252Ff1e7ff08cfee6d%2526relation%253Dparent.parent%26container_width%3D308%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FTurtleboy-Sports-103493235123496%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340
Frame ID: 66E9A2227F6F6C158F248E6EF0451EB6
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 370F400D529582BC65DF7F3779732F16
Requests: 4 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCWxTJ-zRHUHfP84jfbCvquA&layout=full&count=default&origin=https%3A%2F%2Ftbdailynews.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__
Frame ID: 0FA3E8AA191EF352817BD47B85AD6D3D
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
Frame ID: 1DE5983EDFDE46A3E2AD1906362B2858
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0af76c3310098d2f8f428367b62351b8.html?origin=https%3A%2F%2Ftbdailynews.com
Frame ID: 4C3EF6D15E3683FCA2BACEFDF82BE1C0
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df36f0118506b7a8%2526domain%253Dtbdailynews.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftbdailynews.com%25252Ff1e7ff08cfee6d%2526relation%253Dparent.parent%26container_width%3D0%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FTurtleboy-Sports-103493235123496%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340
Frame ID: B5CF1B8BAA88DFB2B3D37D0755631B9F
Requests: 1 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: 5E01908AF2B965100EA033BBD5EEE4F8
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Ftbdailynews.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__
Frame ID: 94DEE28BFA1FCD64DB3EE8C297D6EC46
Requests: 5 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 0F5CD1962509426248A28F39C3F236BC
Requests: 4 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCWxTJ-zRHUHfP84jfbCvquA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__
Frame ID: 542474BB1DF3963942A20B2A7CF6C2BA
Requests: 4 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1509707887224008709/_yQcB2bX?format=jpg&name=280x280
Frame ID: 70C3E6288067AD10F1570086019DC989
Requests: 33 HTTP requests in this frame

Frame: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B976485F93B639F60A96B7C31B05E085
Requests: 1 HTTP requests in this frame

Frame: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3E6D65A8E88BD2DAF4D47A7961328BE3
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPLhgcsCEInDn9ACGNCfscABMAE&v=APEucNUDD8O2UO4YA3LP_7yVnJQXRWyQdMJ9dkFzJJCHYFXxt63ZmyOVbGWIevThePCgNFOh_aac9yETEpOStKDoIhhhLWbGIsmHBgmu5QUJQvuEz6XTCRbkwUNv3XRnGw-fRvcC_d5A7xtsks9Qd7cETsGxS0NR_emRXO8laHDUtLAHYSPB34U
Frame ID: 163ADF110C0DF3D2F3DC76A270D015B3
Requests: 5 HTTP requests in this frame

Frame: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C2C9E069087CC24AE2B7373E376F0603
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-o9AEQtYHOAhibyrrEATAB&v=APEucNViNM8GAs7Z1yd2J6tt3oSK9WJGZCF6XjLomryJE2yuLxvkfhGWhUF3SRsMwtFd__LRsqqMphj0jqwUWoUbHMeA8tjEgBPzoygC5lHkyP0oT_s3oCH6mDKUrU0-zlzWvuzc1iCR_oLr_0y9ikbUHmnC0Z5___bayo2vhqJ6syy_cdHNaOM
Frame ID: A692451F6137D09F771A9D43D3DB751E
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
Frame ID: C5ECB33015C8079F20C32B2168230581
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7B903FA74A1370FEDA40F5BB6627C76C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B91ABD8DC6DA028415001880D298CFE1
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: E697B42B5A2F8320A6F086F819D98713
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3FB4D51369F3110E682E610A8F16407A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 058400C16055C769AC76E32EAC265519
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - TB Daily News

Page URL History Show full URLs

https://www.tbdailynews.com/ HTTP 301
https://tbdailynews.com/ Page URL

Detected technologies

WooCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

462
Requests

96 %
HTTPS

42 %
IPv6

55
Domains

96
Subdomains

82
IPs

9
Countries

8996 kB
Transfer

21106 kB
Size

52
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UCWxTJ-zRHUHfP84jfbCvquA/videos
Title: TB LIVE SHOW

Search URL Search Domain Scan URL

URL: https://www.facebook.com/people/Clarence-Woods-Emerson/100008198773399/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/doctorturtleboy
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCWxTJ-zRHUHfP84jfbCvquA
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/turtleboy_daily_news/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@turtleboy_daily_news
Title: TikTok

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Turtleboy-Sports-103493235123496
Title: Facebook

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.tbdailynews.com/ HTTP 301
https://tbdailynews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 153

https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df82cfb7192ead4%26domain%3Dtbdailynews.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftbdailynews.com%252Ff1e7ff08cfee6d%26relation%3Dparent.parent&container_width=308&height=432&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2FTurtleboy-Sports-103493235123496&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=false&width=340 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df82cfb7192ead4%2526domain%253Dtbdailynews.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftbdailynews.com%25252Ff1e7ff08cfee6d%2526relation%253Dparent.parent%26container_width%3D308%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FTurtleboy-Sports-103493235123496%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340

Request Chain 189

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 227

https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36f0118506b7a8%26domain%3Dtbdailynews.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftbdailynews.com%252Ff1e7ff08cfee6d%26relation%3Dparent.parent&container_width=0&height=432&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2FTurtleboy-Sports-103493235123496&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=false&width=340 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df36f0118506b7a8%2526domain%253Dtbdailynews.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftbdailynews.com%25252Ff1e7ff08cfee6d%2526relation%253Dparent.parent%26container_width%3D0%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FTurtleboy-Sports-103493235123496%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340

Request Chain 383

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL85tEDjflcfh_9XNACvnVU&google_cver=1

Request Chain 384

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkZxLyAnU9U4Byqgrv5O1wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiIgZucmQ9K4SLl3ngb0-I&google_cver=1

Request Chain 385

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKmNPRo7928p5wNcCy6ls0U&google_cver=1

Request Chain 386

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MTQ0MzM5OTA4MjAwMDg1NQ%3D%3D

Request Chain 398

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiIgZucmQ9K4SLl3ngb0-I&google_cver=1

Request Chain 399

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkZxLyAnU9U4Byqgrv5O2AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiIgZucmQ9K4SLl3ngb0-I&google_cver=1

Request Chain 400

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPfr-pPqVw29s4ENi4JB4wc&google_cver=1

Request Chain 401

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MTQ0MzM5OTA4MjAwMDg1NQ%3D%3D

Request Chain 416

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 461

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26a%3Dtrue%26userId%3D HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YkZxLyAnU9U4Byqgrv5O2AAA%261156

Request Chain 464

https://image8.pubmatic.com/AdServer/ImgSync?p=156972 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156972&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Njk0RUJCRkUtNzU5Ny00RkZFLTlBQjUtQUUyMTUwMDk4MUM5&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 465

https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=40035c74-4024-4bb3-b464-dcc449e90bf8

Request Chain 466

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPb2d84e5c-b16b-11ec-a38f-0214991a90ae HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPb2d84e5c-b16b-11ec-a38f-0214991a90ae&verify=true HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPb2d84e5c-b16b-11ec-a38f-0214991a90ae

Request Chain 467

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=gxbsNdaS1NA7WW5

Request Chain 469

https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=e24cd9a1-dbae-4af0-ba82-8e5315d604ef&ssp=medianet HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=cd3d302b-7837-4f67-a1de-3e7aecf63004&gdpr=&gdpr_consent=&gdpr_pd=

462 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
tbdailynews.com/
Redirect Chain

https://www.tbdailynews.com/
https://tbdailynews.com/

283 KB
45 KB

503ms
503ms

Document
text/html

2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: d973751c508cce894e72387a9a8faef3a27b43b68fff5fde16c3f85e0c5bf2cb

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 6f4e3aee79da01f4-ZRH
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 01 Apr 2022 03:27:39 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://tbdailynews.com/wp-json/>; rel="https://api.w.org/" <https://tbdailynews.com/wp-json/wp/v2/pages/165056>; rel="alternate"; type="application/json" <https://wp.me/Paskge-GWc>; rel=shortlink
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 6f4e3aeacfb601f4-ZRH
content-type: text/html
date: Fri, 01 Apr 2022 03:27:39 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://tbdailynews.com/
server: cloudflare

GET
H2 200 264400708_1040393293192860_4080631031489931018_n-e1641923021871.png
tbdailynews.com/wp-content/uploads/2022/01/ 14 KB
14 KB 43ms
42ms Image
image/png 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tbdailynews.com/wp-content/uploads/2022/01/264400708_1040393293192860_4080631031489931018_n-e1641923021871.png
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b98e3bb5f882673dbe98e132008f04eada8ab70070d2dcfdd140a699754e25a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 17:43:41 GMT
server: cloudflare
age: 19192
etag: "61ddc1cd-398f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f4e3af1cbd501f4-ZRH
content-length: 14735

GET
H2 200 264400708_1040393293192860_4080631031489931018_n-2.png
tbdailynews.com/wp-content/uploads/2022/01/ 261 KB
261 KB 22ms
21ms Image
image/png 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tbdailynews.com/wp-content/uploads/2022/01/264400708_1040393293192860_4080631031489931018_n-2.png
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da047b22e71eabf635515f8abb26f093f2bc8705ce70ce9f91e1bc5f301dec7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jan 2022 16:49:17 GMT
server: cloudflare
age: 19192
etag: "61df068d-41228"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f4e3af1dbd601f4-ZRH
content-length: 266792

GET
H2 200 FPJn0iGWUAEU6Z5-e1648759737544.jpg
i0.wp.com/tbdailynews.com/wp-content/uploads/2022/03/ 30 KB
31 KB 126ms
35ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/tbdailynews.com/wp-content/uploads/2022/03/FPJn0iGWUAEU6Z5-e1648759737544.jpg?resize=780%2C470&ssl=1

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

7f8007b2d40829cddf7f16d81a4d1015cd7deb2cb251b99b0f857622f3fdbb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 01 Apr 2022 03:27:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 31 Mar 2022 22:08:26 GMT
server: nginx
etag: "1da2996801d273ab"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://tbdailynews.com/wp-content/uploads/2022/03/FPJn0iGWUAEU6Z5-e1648759737544.jpg>; rel="canonical"
content-length: 31080
expires: Sun, 31 Mar 2024 10:08:26 GMT

GET
H2 200 Screen-Shot-2022-03-31-at-4.02.32-PM-e1648756988103.png
i0.wp.com/tbdailynews.com/wp-content/uploads/2022/03/ 221 KB
221 KB 126ms
36ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/tbdailynews.com/wp-content/uploads/2022/03/Screen-Shot-2022-03-31-at-4.02.32-PM-e1648756988103.png?resize=780%2C470&ssl=1

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

13d74270faa0289e3f450391d9ec9b29a2d9d96a47ce3c6fb795f97e3c54c5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 31 Mar 2022 20:07:59 GMT
server: nginx
etag: "b72aa78067a2c8bc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://tbdailynews.com/wp-content/uploads/2022/03/Screen-Shot-2022-03-31-at-4.02.32-PM-e1648756988103.png>; rel="canonical"
content-length: 225856
expires: Sun, 31 Mar 2024 08:07:59 GMT

GET
H2 200 Screen-Shot-2022-03-31-at-12.03.44-PM-e1648742671783.png
i0.wp.com/tbdailynews.com/wp-content/uploads/2022/03/ 182 KB
183 KB 161ms
71ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/tbdailynews.com/wp-content/uploads/2022/03/Screen-Shot-2022-03-31-at-12.03.44-PM-e1648742671783.png?resize=780%2C470&ssl=1

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

ecbe477eed6479fbc6ee0b999285545857eb5f1bc8d5c86cfd44f58c5bc437fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 01 Apr 2022 03:27:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 31 Mar 2022 22:08:26 GMT
server: nginx
etag: "b43b98c1072db4cc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://tbdailynews.com/wp-content/uploads/2022/03/Screen-Shot-2022-03-31-at-12.03.44-PM-e1648742671783.png>; rel="canonical"
content-length: 186764
expires: Sun, 31 Mar 2024 10:08:26 GMT

GET
H2 200 Screen-Shot-2022-03-30-at-10.11.59-PM-e1648692912682.png
i0.wp.com/tbdailynews.com/wp-content/uploads/2022/03/ 287 KB
287 KB 173ms
83ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/tbdailynews.com/wp-content/uploads/2022/03/Screen-Shot-2022-03-30-at-10.11.59-PM-e1648692912682.png?resize=780%2C470&ssl=1

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

6b2b22601b1972ad2358a9034d6340071741b0af572ed57b39acf0e1440a5910

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 01 Apr 2022 03:27:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 31 Mar 2022 02:19:09 GMT
server: nginx
etag: "4444b189e08e2f24"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://tbdailynews.com/wp-content/uploads/2022/03/Screen-Shot-2022-03-30-at-10.11.59-PM-e1648692912682.png>; rel="canonical"
content-length: 293440
expires: Sat, 30 Mar 2024 14:19:09 GMT

GET
H2 200 Screen-Shot-2022-03-30-at-2.39.36-PM-e1648665618433.png
i0.wp.com/tbdailynews.com/wp-content/uploads/2022/03/ 232 KB
232 KB 173ms
83ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/tbdailynews.com/wp-content/uploads/2022/03/Screen-Shot-2022-03-30-at-2.39.36-PM-e1648665618433.png?resize=780%2C470&ssl=1

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

40b10d40a1af8e0c876b82d450572df8abef15ddff9fedf7839ea1d0121cd02b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 01 Apr 2022 03:27:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 31 Mar 2022 02:19:09 GMT
server: nginx
etag: "c879e7a1b6af396b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://tbdailynews.com/wp-content/uploads/2022/03/Screen-Shot-2022-03-30-at-2.39.36-PM-e1648665618433.png>; rel="canonical"
content-length: 237244
expires: Sat, 30 Mar 2024 14:19:09 GMT

GET
H2 200 tielabs-fonticon.woff
tbdailynews.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 40 KB
40 KB 678ms
678ms Font
font/woff 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81

Request headers

Referer: https://tbdailynews.com/
Origin: https://tbdailynews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
etag: "61ddabdd-9e58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f4e3af1dbd701f4-ZRH
content-length: 40536

GET
H2 200 fa-solid-900.woff2
tbdailynews.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 78 KB
78 KB 795ms
794ms Font
font/woff2 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer: https://tbdailynews.com/
Origin: https://tbdailynews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
etag: "61ddabdd-13654"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f4e3af1dbd801f4-ZRH
content-length: 79444

GET
H2 200 fa-brands-400.woff2
tbdailynews.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 75 KB
75 KB 844ms
841ms Font
font/woff2 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Referer: https://tbdailynews.com/
Origin: https://tbdailynews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
etag: "61ddabdd-12b44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f4e3af1dbd901f4-ZRH
content-length: 76612

GET
H2 200 fa-regular-400.woff2
tbdailynews.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 13 KB
13 KB 592ms
589ms Font
font/woff2 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Request headers

Referer: https://tbdailynews.com/
Origin: https://tbdailynews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
etag: "61ddabdd-3510"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f4e3af1dbdb01f4-ZRH
content-length: 13584

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 48ms
18ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 12:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 12:26:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 122ms
50ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-139423437-1

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94b0e82d90fff9ad3963223e423ac80200aac3bafd594c55d3514b3a31c01bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38067
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Apr 2022 03:27:40 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/5.9.2/wp-includes/js/mediaelement/ 11 KB
3 KB 31ms
8ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:39 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/5.9.2/wp-includes/js/mediaelement/ 4 KB
1 KB 31ms
8ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: br
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:39 GMT

GET
H2 200 wc-blocks-vendors-style.css
c0.wp.com/p/woocommerce/6.1.2/packages/woocommerce-blocks/build/ 5 KB
1 KB 31ms
8ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/6.1.2/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7fcaa4d432eb8627f0ab7efdc3ce11a4e593f29443fc6bb1888f4955c55f868b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: br
last-modified: Tue, 24 Aug 2021 20:39:36 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:39 GMT

GET
H2 200 wc-blocks-style.css
c0.wp.com/p/woocommerce/6.1.2/packages/woocommerce-blocks/build/ 193 KB
19 KB 31ms
8ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/6.1.2/packages/woocommerce-blocks/build/wc-blocks-style.css

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

41ac98831a8184099454864cc91dd7ec13a196dc0134aa631b4fdc58307c7fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: br
last-modified: Tue, 21 Dec 2021 19:24:57 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:39 GMT

GET
H2 200 wpautoterms.css
tbdailynews.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/ 547 B
292 B 41ms
37ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=5.9.2
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:48:08 GMT
server: cloudflare
age: 19192
etag: W/"61d81a68-223"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af1dbe001f4-ZRH

GET
H2 200 public.css
tbdailynews.com/wp-content/plugins/stripe-payments/public/assets/css/ 5 KB
1 KB 40ms
37ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/stripe-payments/public/assets/css/public.css?ver=2.0.52
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cc63bbc0909c61913044fcb995664904cf4f4fdbd91853ea3a4c58a810d93bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:44:53 GMT
server: cloudflare
age: 19192
etag: W/"61d819a5-1228"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af1dbe101f4-ZRH

GET
H2 200 woocommerce.min.css
tbdailynews.com/wp-content/themes/jannah/assets/css/plugins/ 65 KB
11 KB 40ms
38ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/css/plugins/woocommerce.min.css?ver=5.4.10
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0c43d49a4d294199fcee7fbe7ddb42f31126afc4f116d9be4f991a36dc48c55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
age: 19192
etag: W/"61ddabdd-1029d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af1dbe201f4-ZRH

GET
H2 200 wpstream_style.css
tbdailynews.com/wp-content/plugins/wpstream/public//css/ 9 KB
2 KB 39ms
37ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/wpstream/public//css/wpstream_style.css?ver=4.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f027f6d67f7611bc65bb6672244d9e81781182f2a3fe23aa5927f92cf6bc023a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:48:24 GMT
server: cloudflare
age: 19192
etag: W/"61d81a78-2530"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af1dbe301f4-ZRH

GET
H2 200 video-js.min.css
tbdailynews.com/wp-content/plugins/wpstream/public//css/ 38 KB
10 KB 41ms
40ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/wpstream/public//css/video-js.min.css?ver=4.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c92903d5602f1c1419e9c647f0db022d425efaaa580d9849e9b6132cb1020f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:48:24 GMT
server: cloudflare
age: 19192
etag: W/"61d81a78-99db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af1ebe901f4-ZRH

GET
H2 200 videojs-wpstream.css
tbdailynews.com/wp-content/plugins/wpstream/public//css/ 2 KB
676 B 39ms
38ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/wpstream/public//css/videojs-wpstream.css?ver=4.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7520e13af9bae547cc5d74a9f3e28a86050f6bf58ea7938fb625e3c163970700

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:48:24 GMT
server: cloudflare
age: 19192
etag: W/"61d81a78-8ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af1ebea01f4-ZRH

GET
H2 200 wpstream-admin.css
tbdailynews.com/wp-content/plugins/wpstream/admin/css/ 19 KB
4 KB 38ms
35ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/wpstream/admin/css/wpstream-admin.css?ver=4.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d3464b6e3998f2785ae34414ffbddc5400319eb1e5b8b224b41520fe929a500

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:48:24 GMT
server: cloudflare
age: 19192
etag: W/"61d81a78-4a13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af1ebeb01f4-ZRH

GET
H2 200 give.css
tbdailynews.com/wp-content/plugins/give/assets/dist/css/ 70 KB
13 KB 38ms
34ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/give/assets/dist/css/give.css?ver=2.17.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3170c86658687db9f461ef450a39bef414f6139f07e299d4886df6ba0c62e86f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:46:52 GMT
server: cloudflare
age: 19192
etag: W/"61d81a1c-119ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af1ebec01f4-ZRH

GET
H2 200 give-donation-summary.css
tbdailynews.com/wp-content/plugins/give/assets/dist/css/ 2 KB
658 B 39ms
35ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/give/assets/dist/css/give-donation-summary.css?ver=2.17.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e976ce625ed3f3bda9494292f078e7f0c16f233da123fac2dba7be916b96db1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:46:52 GMT
server: cloudflare
age: 19192
etag: W/"61d81a1c-7f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af1ebed01f4-ZRH

GET
H2 200 wc-memberships-frontend.min.css
tbdailynews.com/wp-content/plugins/woocommerce-memberships/assets/css/frontend/ 4 KB
917 B 38ms
34ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/woocommerce-memberships/assets/css/frontend/wc-memberships-frontend.min.css?ver=1.14.0
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 865621ac5f128903e5ff1561805a16ce4fd20938f62a4a6807876f78a6f0b92d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Feb 2020 16:36:42 GMT
server: cloudflare
age: 19192
etag: W/"5e42d81a-e6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af1ebee01f4-ZRH

GET
H2 200 style.css
c0.wp.com/p/jetpack/10.5/modules/widgets/facebook-likebox/ 48 B
111 B 40ms
22ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.5/modules/widgets/facebook-likebox/style.css

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9fbd3c2713beacc2285bd418877d4a36273244eabf9df9f488bbd6f5ec2c467d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:39 GMT
last-modified: Mon, 06 Jul 2015 18:16:56 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 48
expires: Sat, 01 Apr 2023 03:27:39 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.4/css/ 58 KB
13 KB 105ms
26ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19468437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3A5X2RB32ASXZ4ZW
x-amz-id-2: +kdCGILGbObXNRUl29ZBmm5nbKdr88MW8YvLWLrmP7rcWVWuIaJnXEozHBDr+oet4aC9X8AVQG8=
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
server: cloudflare
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJO%2FYSgDOz20JZg%2FqiJT%2FdFW3V0R7bPbBHT9MqpLtGz4f1hhzV6LDGIigp%2FlJQrv4%2BL8r05iaAw59V6v3MEqy%2FtTcXD9Dxm8LWys%2BNHyzmRRusTGyjhPNK0I3PfwoiG8tkXQAtHkGFlXmeRRahTaDstD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6f4e3af25c3b5a07-MXP

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 104ms
25ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20603453
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: KYJ32NF65EGJQTE4
x-amz-id-2: tRhQLn46zxdcHBtJscB2bIkt1aUR7AGjsDahgRBhxgp15uXXwjMtQRex2kFMPVMx5nSEbmeXQaY=
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
server: cloudflare
etag: W/"a034d3c71bee546f625877d7932917f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82SGwmcgYWoRyGNr4TDnuZq32kwEM5tavgh2KSPCocDf2dhhN1rJBwysVrR4LgsJjZAhnH4rVHnLaPBHHM31TUzQ6otSYVI%2F7mvAaecj4tO0j4RBDv5XeCMLLD2MQAh8YQS1Rs%2BEE6tgSr7wGw6SQDq5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6f4e3af25c3c5a07-MXP

GET
H2 200 base.min.css
tbdailynews.com/wp-content/themes/jannah/assets/css/ 41 KB
8 KB 36ms
33ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
age: 19192
etag: W/"61ddabdd-a3b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af1ebef01f4-ZRH

GET
H2 200 style.min.css
tbdailynews.com/wp-content/themes/jannah/assets/css/ 171 KB
30 KB 37ms
34ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
age: 19192
etag: W/"61ddabdd-2aca3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af1ebf001f4-ZRH

GET
H2 200 widgets.min.css
tbdailynews.com/wp-content/themes/jannah/assets/css/ 53 KB
9 KB 37ms
34ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
age: 19192
etag: W/"61ddabdd-d37e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af1ebf101f4-ZRH

GET
H2 200 helpers.min.css
tbdailynews.com/wp-content/themes/jannah/assets/css/ 15 KB
4 KB 36ms
33ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
age: 19192
etag: W/"61ddabdd-3b78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af1ebf201f4-ZRH

GET
H2 200 fontawesome.css
tbdailynews.com/wp-content/themes/jannah/assets/css/ 57 KB
12 KB 36ms
33ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
age: 19192
etag: W/"61ddabdd-e526"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af1ebf301f4-ZRH

GET
H2 200 skin.css
tbdailynews.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/ 12 KB
2 KB 36ms
33ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=5.4.10
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4879dcab21b2218432075c33aff13cea89de4f392f749eaef3df339f3f694c72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
age: 19192
etag: W/"61ddabdd-2ef2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af1ebf401f4-ZRH

GET
H2 200 shortcodes.min.css
tbdailynews.com/wp-content/themes/jannah/assets/css/plugins/ 11 KB
3 KB 38ms
35ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.10
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
age: 19192
etag: W/"61ddabdd-2d99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af1ebf501f4-ZRH

GET
H2 200 taqyeem.min.css
tbdailynews.com/wp-content/themes/jannah/assets/css/plugins/ 7 KB
2 KB 37ms
35ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/css/plugins/taqyeem.min.css?ver=5.4.10
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8133f6e5c98f920ffbe15f23fc2bf00db1f8cdd8594f79a7a8571dc9695b9ed9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
age: 19192
etag: W/"61ddabdd-1d82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af1ebf601f4-ZRH

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/10.5/css/ 86 KB
16 KB 21ms
20ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.5/css/jetpack.css

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1021efafbf9b43acf446f436556222d910e0d86d09d796b6fb16101efedffa22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: br
last-modified: Tue, 04 Jan 2022 22:15:08 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:39 GMT

GET
H2 200 shortcodes.css
tbdailynews.com/wp-content/plugins/luke-shortcodes//src/ 99 B
206 B 26ms
23ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/luke-shortcodes//src/shortcodes.css?ver=1.0
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adde0b785eefb324975b12f06274c721c7feaaa80fbeb39af7d6a2d938c12a5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 May 2020 12:06:20 GMT
server: cloudflare
age: 19192
etag: W/"5eb54b3c-63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af22c1601f4-ZRH

GET
H2 200 owl.carousel.css
tbdailynews.com/wp-content/plugins/luke-slider/src/ 1 KB
625 B 42ms
39ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/luke-slider/src/owl.carousel.css?ver=1.0
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86697aaf1700624aa65f9df09612004e0f8e59a64b207bcd72ed0efefbff909f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 May 2020 12:07:14 GMT
server: cloudflare
age: 19192
etag: W/"5eb54b72-5f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af22c1701f4-ZRH

GET
H2 200 owl.theme.css
tbdailynews.com/wp-content/plugins/luke-slider/src/ 2 KB
827 B 634ms
630ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/luke-slider/src/owl.theme.css?ver=1.0
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03461e2776a3c3b29cb997af9abfa50ab8aefbda714b9afaceef14db03820370

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 08 May 2020 12:07:14 GMT
server: cloudflare
etag: W/"5eb54b72-790"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af22c1801f4-ZRH

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.9.2/wp-includes/js/jquery/ 87 KB
30 KB 22ms
19ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/jquery/jquery.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:39 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.9.2/wp-includes/js/jquery/ 11 KB
4 KB 34ms
30ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:39 GMT

GET
H2 200 regenerator-runtime.min.js Show response
c0.wp.com/c/5.9.2/wp-includes/js/dist/vendor/ 6 KB
2 KB 34ms
30ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/dist/vendor/regenerator-runtime.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: br
last-modified: Mon, 15 Nov 2021 16:35:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:39 GMT

GET
H2 200 wp-polyfill.min.js Show response
c0.wp.com/c/5.9.2/wp-includes/js/dist/vendor/ 19 KB
7 KB 34ms
30ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/dist/vendor/wp-polyfill.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: br
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:39 GMT

GET
H2 200 dom-ready.min.js Show response
c0.wp.com/c/5.9.2/wp-includes/js/dist/ 1 KB
607 B 34ms
30ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/dist/dom-ready.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: br
last-modified: Thu, 27 May 2021 00:17:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:39 GMT

GET
H2 200 base.js Show response
tbdailynews.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/ 720 B
378 B 23ms
20ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.4.9
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:48:08 GMT
server: cloudflare
age: 19192
etag: W/"61d81a68-2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af23c1b01f4-ZRH

GET
H2 200 frontend-gtag.min.js Show response
tbdailynews.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 12 KB
3 KB 39ms
36ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.3.0
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e69d17966c87ced93f60016674f0e6b10786838cfc6973e34e195649166b225e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:46:56 GMT
server: cloudflare
age: 19192
etag: W/"61d81a20-2e81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af23c1e01f4-ZRH

GET
H2 200 video.js Show response
vjs.zencdn.net/7.8.4/ 2 MB
410 KB 83ms
18ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.8.4/video.js?ver=5.9.2
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0950ef40b958d63bec2627ea6d6872e4015dcaa4ea5bf82cffa9c8b5deed2df6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
last-modified: Wed, 08 Jul 2020 20:29:41 GMT
etag: "32f8b08af688c8d4ca733a5d67e4c39a"
x-served-by: cache-mxp6983-MXP
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 419684
x-cache-hits: 1

GET
H2 200 youtube.min.js Show response
tbdailynews.com/wp-content/plugins/wpstream/public/js/ 14 KB
4 KB 38ms
35ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/wpstream/public/js/youtube.min.js?ver=4.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6096d86dff36332e56f668d27cdc943a79e169f40f348ff76f4c2ddeb14bfdeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:48:24 GMT
server: cloudflare
age: 19192
etag: W/"61d81a78-3655"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af23c1f01f4-ZRH

GET
H2 200 videojs-vimeo.min.js Show response
tbdailynews.com/wp-content/plugins/wpstream/public/js/ 26 KB
8 KB 38ms
35ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/wpstream/public/js/videojs-vimeo.min.js?ver=4.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 829c71bf065e365c575f69956fe03ff029eab0c5e9c44c6503903edc95c167ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:48:24 GMT
server: cloudflare
age: 19192
etag: W/"61d81a78-666d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af23c2001f4-ZRH

GET
H2 200 wpstream-player.js Show response
tbdailynews.com/wp-content/plugins/wpstream/public/js/ 14 KB
4 KB 24ms
21ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/wpstream/public/js/wpstream-player.js?ver=4.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e49ab23926779071cdf7622dccb8e17ce14772aecf0d93ec77997a80c34e8230

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:48:24 GMT
server: cloudflare
age: 19192
etag: W/"61d81a78-3883"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af23c2101f4-ZRH

GET
H2 200 sldp-v2.12.1.min.js Show response
tbdailynews.com/wp-content/plugins/wpstream/public/js/ 241 KB
72 KB 31ms
29ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/wpstream/public/js/sldp-v2.12.1.min.js?ver=4.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f583e6f066580f1ff8de79aa4b6db998d82f8a672fd166fbcc842f25e4c4ffb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:48:24 GMT
server: cloudflare
age: 19192
etag: W/"61d81a78-3c24d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af23c2201f4-ZRH

GET
H2 200 / Show response
js.stripe.com/v3/ 290 KB
76 KB 136ms
16ms Script
application/javascript 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/?ver=2.17.1

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d21553a716a5210921050dbc5e4ef269068fae93574e931f64d96e095fb098f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:39 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 18:28:23 GMT
server: Cloudfront
etag: W/"5604166597ebc6e36072d48eac071553"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: oDZjt7R1IeEBBY8gEp8aHofcjfH5__bq9U90doLxulpZdOKTiRExCQ==

GET
H2 200 give-stripe.js Show response
tbdailynews.com/wp-content/plugins/give/assets/dist/js/ 7 KB
2 KB 22ms
21ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/give/assets/dist/js/give-stripe.js?ver=2.17.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f04fa0c414c589de5f897b3ff10c0a91418dffc7a0890e6bc1d2fd24c9088120

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:46:52 GMT
server: cloudflare
age: 19192
etag: W/"61d81a1c-1d9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af23c2301f4-ZRH

GET
H2 200 give.js Show response
tbdailynews.com/wp-content/plugins/give/assets/dist/js/ 154 KB
50 KB 24ms
22ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/give/assets/dist/js/give.js?ver=2.17.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66768ee3c87238e9e15415c799808d72c282d689e3e1cdc03cec55df921bc91b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:46:52 GMT
server: cloudflare
age: 19192
etag: W/"61d81a1c-269b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af23c2401f4-ZRH

GET
H2 200 s-202213.js Show response
stats.wp.com/ 9 KB
4 KB 115ms
45ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/s-202213.js
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7faf2fee5a715e1668f517f67a4b21cddd539b978678ce1bfd48a597044079e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-2494"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Mon, 27 Mar 2023 18:38:18 GMT

GET
H2 200 scripttag.js Show response
tbdailynews.com/wp-content/plugins/cometchat/js/ 0
80 B 23ms
21ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/cometchat/js/scripttag.js?ver=5.9.2
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
cf-cache-status: HIT
last-modified: Wed, 19 May 2021 21:22:36 GMT
server: cloudflare
age: 19192
etag: "60a5819c-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f4e3af23c2501f4-ZRH
content-length: 0

GET
H2 200 owl.carousel.min.js Show response
tbdailynews.com/wp-content/plugins/luke-slider/src/ 23 KB
6 KB 39ms
38ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/luke-slider/src/owl.carousel.min.js?ver=1.0
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 May 2020 12:07:14 GMT
server: cloudflare
age: 19192
etag: W/"5eb54b72-5d52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af23c2601f4-ZRH

GET
H2 200 owl.script.js Show response
tbdailynews.com/wp-content/plugins/luke-slider/src/ 335 B
315 B 37ms
36ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/luke-slider/src/owl.script.js?ver=1.0
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4a56f970ea8c531689a1430aca41a918936fcf38c914303378632259861e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 May 2020 12:07:14 GMT
server: cloudflare
age: 19192
etag: W/"5eb54b72-14f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af23c2701f4-ZRH

GET
H/1.1 200
OK 3110c0-aba7-4877-bc35-60adbb93ceeb.js Show response
monu.delivery/site/2/5/ 742 KB
212 KB 333ms
164ms Script
application/javascript 2a01:7e00:1::b903:5c4c
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8585b10730ff45a2dcba5da91812f7b2aa11d0c927741d99bea1a24ea8d6354b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
content-encoding: gzip
content-type: application/javascript
age: 1
transfer-encoding: chunked
x-cache: MISS
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
connection: close
geo: {"country": {"geoname_registered": {"is_in_european_union": 0}, "registered_country": {"is_in_european_union": 0}, "represented_country": {"is_in_european_union": 0}, "is_big_4": 0, "is_na": 0, "is_us": 0}}
last-modified: Thu, 24 Mar 2022 17:57:18 GMT
server: nginx
vary: Accept-Encoding
x-goog-hash: crc32c=vHOyXg==, md5=8Rd+bqSPD9AH/dIIqlOf4w==
x-goog-generation: 1648144638652552
cache-control: max-age=7200
x-goog-stored-content-length: 759455
x-guploader-uploadid: ADPycdvx3NHyfVysE2NBBV4Pb54RDXEdwhZ99pCAsblGrrlAk_xu5mJGWSh5oBuS-vcJYHVKZkS5QLhwTjkuS0b7qw
expires: Fri, 01 Apr 2022 05:27:41 GMT

GET
H2 200 api.js Show response
tbdailynews.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 43ms
43ms Script
text/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tbdailynews.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6f4e3af79f0d01f4-ZRH

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/10.5/_inc/build/photon/ 685 B
417 B 45ms
39ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.5/_inc/build/photon/photon.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
13 KB 47ms
41ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.43.0

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 16:38:22 GMT
x-content-type-options: nosniff
age: 211758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13188
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 16:38:22 GMT

GET
H2 200 mailoptin.min.js Show response
tbdailynews.com/wp-content/plugins/mailoptin/src/core/src/assets/js/ 45 KB
14 KB 63ms
57ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/mailoptin/src/core/src/assets/js/mailoptin.min.js?ver=1.2.43.0
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0c1a1c63ae44a0fb505045dc0a121dc2983344851510dee8a295d2ba49a5975

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 13 Jan 2022 13:54:02 GMT
server: cloudflare
age: 19193
etag: W/"61e02efa-b3b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af69e7c01f4-ZRH

GET
H2 200 stripe-handler-ng.js Show response
tbdailynews.com/wp-content/plugins/stripe-payments/public/assets/js/ 8 KB
3 KB 65ms
59ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/stripe-payments/public/assets/js/stripe-handler-ng.js?ver=2.0.52
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a372b676d0bff01d23b5dc12a7967d08eb423598a69e5253364c58792adfe2af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:44:53 GMT
server: cloudflare
age: 19193
etag: W/"61d819a5-201a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af69e7f01f4-ZRH

GET
H2 200 jquery.blockUI.min.js Show response
c0.wp.com/p/woocommerce/6.1.2/assets/js/jquery-blockui/ 9 KB
3 KB 47ms
41ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/6.1.2/assets/js/jquery-blockui/jquery.blockUI.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Tue, 23 Nov 2021 22:30:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 add-to-cart.min.js Show response
c0.wp.com/p/woocommerce/6.1.2/assets/js/frontend/ 3 KB
1 KB 47ms
41ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/6.1.2/assets/js/frontend/add-to-cart.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Tue, 22 Sep 2020 21:16:49 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 js.cookie.min.js Show response
c0.wp.com/p/woocommerce/6.1.2/assets/js/js-cookie/ 2 KB
955 B 47ms
41ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/6.1.2/assets/js/js-cookie/js.cookie.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Tue, 19 Jan 2021 23:55:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 woocommerce.min.js Show response
c0.wp.com/p/woocommerce/6.1.2/assets/js/frontend/ 2 KB
732 B 47ms
41ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/6.1.2/assets/js/frontend/woocommerce.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Tue, 18 May 2021 17:00:20 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 cart-fragments.min.js Show response
c0.wp.com/p/woocommerce/6.1.2/assets/js/frontend/ 3 KB
967 B 47ms
42ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/6.1.2/assets/js/frontend/cart-fragments.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Tue, 23 Nov 2021 22:30:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 core.min.js Show response
c0.wp.com/c/5.9.2/wp-includes/js/jquery/ui/ 20 KB
6 KB 47ms
42ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/jquery/ui/core.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Thu, 03 Feb 2022 00:04:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 menu.min.js Show response
c0.wp.com/c/5.9.2/wp-includes/js/jquery/ui/ 10 KB
3 KB 49ms
44ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/jquery/ui/menu.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2abc07f83e0a9c350b5580983d7eb8249eb5848c40e4762770297b9e67eba974

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Thu, 03 Feb 2022 00:04:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 hooks.min.js Show response
c0.wp.com/c/5.9.2/wp-includes/js/dist/ 6 KB
2 KB 49ms
44ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/dist/hooks.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 i18n.min.js Show response
c0.wp.com/c/5.9.2/wp-includes/js/dist/ 10 KB
4 KB 49ms
44ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/dist/i18n.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 a11y.min.js Show response
c0.wp.com/c/5.9.2/wp-includes/js/dist/ 3 KB
1 KB 83ms
78ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/dist/a11y.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

927e16d837ac9f46ddb4a64c8fea1cbe39343902c91b14e11b484e9b01f98cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 autocomplete.min.js Show response
c0.wp.com/c/5.9.2/wp-includes/js/jquery/ui/ 8 KB
3 KB 83ms
79ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/jquery/ui/autocomplete.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

21c7b4a55ddcf0f40806dbec924729bd87dca55501380f6e6069b9f6e3492437

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Thu, 03 Feb 2022 00:04:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 effect.min.js Show response
c0.wp.com/c/5.9.2/wp-includes/js/jquery/ui/ 17 KB
6 KB 83ms
79ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/jquery/ui/effect.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c953f80cf0bb98945638528f71bafd7e837aac873b241533013b5170535e78fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Thu, 03 Feb 2022 00:04:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 start_streaming.js Show response
tbdailynews.com/wp-content/plugins/wpstream/public/js/ 15 KB
3 KB 62ms
58ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/wpstream/public/js/start_streaming.js?ver=4.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fdb91943ef492a6f7a1962d0e0a007e0634a609f608ad3abe1ec9bbfa2e742a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:48:24 GMT
server: cloudflare
age: 19193
etag: W/"61d81a78-3ba5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af69e8001f4-ZRH

GET
H2 200 give-donation-summary.js Show response
tbdailynews.com/wp-content/plugins/give/assets/dist/js/ 7 KB
3 KB 62ms
58ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/give/assets/dist/js/give-donation-summary.js?ver=2.17.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4556e963f3488fecd148a9a3cb2d0c3ef574a098ffd94b092a8e3656d0dd3eed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:46:52 GMT
server: cloudflare
age: 19193
etag: W/"61d81a1c-1df5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af69e8101f4-ZRH

GET
H2 200 facebook-embed.min.js Show response
c0.wp.com/p/jetpack/10.5/_inc/build/ 639 B
363 B 83ms
79ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.5/_inc/build/facebook-embed.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a5950c0c5ca80c85d524deccd4d0b2c34d3567ec90e568e670fcd858cf6a2ead

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Tue, 11 Jan 2022 17:52:08 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 twitter-timeline.min.js Show response
c0.wp.com/p/jetpack/10.5/_inc/build/ 270 B
305 B 83ms
79ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.5/_inc/build/twitter-timeline.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3688a29bbda548acee73eb4383de2cfe65fee84e27fe7d2bccb7d670f697fa18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 270
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 intersection-observer.js Show response
tbdailynews.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 9 KB
3 KB 53ms
51ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=6ae6d91d4b64fe31e32c2797e7c3dd42
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 13 Jan 2022 13:12:16 GMT
server: cloudflare
age: 19193
etag: W/"61e02530-2317"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af6feb801f4-ZRH

GET
H2 200 lazy-images.js Show response
tbdailynews.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 2 KB
1 KB 53ms
51ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=22d8bb42bcd6edc9c8ef53eb9b087d17
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a4e9b3f33edb851ba930430bdbf317a3b95e0974763617d68ec0b555a3bb8fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 13 Jan 2022 13:12:16 GMT
server: cloudflare
age: 19193
etag: W/"61e02530-925"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af6feb901f4-ZRH

GET
H2 200 scripts.min.js Show response
tbdailynews.com/wp-content/themes/jannah/assets/js/ 22 KB
7 KB 55ms
54ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
age: 19193
etag: W/"61ddabdd-57c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af6feba01f4-ZRH

GET
H2 200 lightbox.js Show response
tbdailynews.com/wp-content/themes/jannah/assets/ilightbox/ 80 KB
25 KB 53ms
52ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.10
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a8dbe7c39cf4ffa9fe214267bc1aa73dca7304f689437bd4bb257066fa4b04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
age: 19193
etag: W/"61ddabdd-13e0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af6febb01f4-ZRH

GET
H2 200 sliders.min.js Show response
tbdailynews.com/wp-content/themes/jannah/assets/js/ 48 KB
12 KB 46ms
45ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.10
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
age: 19193
etag: W/"61ddabdd-c0a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af75ee801f4-ZRH

GET
H2 200 shortcodes.js Show response
tbdailynews.com/wp-content/themes/jannah/assets/js/ 11 KB
4 KB 46ms
45ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.10
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5c9fd37dca1ec56a382c45a38fd9aa8425a4b522200f6526b982902f3c3f06c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
age: 19193
etag: W/"61ddabdd-2bad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af75ee901f4-ZRH

GET
H2 200 desktop.min.js Show response
tbdailynews.com/wp-content/themes/jannah/assets/js/ 16 KB
5 KB 587ms
587ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
etag: W/"61ddabdd-4198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af75eeb01f4-ZRH

GET
H2 200 platform.js Show response
apis.google.com/js/ 53 KB
21 KB 189ms
45ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?ver=5.9.2

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b20a12e1ef6bd7b0f43f5259d5221e99f08ec674565d04f9f16c201ad2adcba7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20541
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Fri, 01 Apr 2022 03:27:40 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "2794c7da98ebb265"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Apr 2022 03:27:40 GMT

GET
H2 200 e-202213.js Show response
stats.wp.com/ 9 KB
3 KB 71ms
45ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202213.js
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 20 Mar 2023 07:02:07 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 243ms
170ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/wp-content/plugins/wpstream/public/js/youtube.min.js?ver=4.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7052d0df9611084837de96895e60f8d25412cef2d0ad29be0e1a8987365f582c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 01 Apr 2022 03:27:40 GMT

GET
BLOB 200
OK ef020c46-5faa-46ec-96bb-69228b829984
https://tbdailynews.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tbdailynews.com/ef020c46-5faa-46ec-96bb-69228b829984
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 164825 Show response
tbdailynews.com/newdonationform/ Frame 1109 42 KB
9 KB 173ms
172ms Document
text/html 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 8985c5aed3ec499dcab3b48919120120c7bf9fbf163606343c9c453b1f5d6a1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 6f4e3af6be9001f4-ZRH
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 01 Apr 2022 03:27:40 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 11 Jan 1984 05:00:00 GMT
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 10
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

GET
DATA 200
OK truncated
/ 970 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04ba65966f0ba6f21c77bc845b136cb33870fd99e8c0fc7781a842ac67f66aff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 Screen-Shot-2022-03-24-at-9.05.52-PM-e1648170392375.png
i0.wp.com/tbdailynews.com/wp-content/uploads/2022/03/ 289 KB
289 KB 59ms
59ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/tbdailynews.com/wp-content/uploads/2022/03/Screen-Shot-2022-03-24-at-9.05.52-PM-e1648170392375.png?resize=780%2C470&ssl=1

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

6f744097129c51896f82c8b09b5b4063a679ebfa8af750ab4ecb406e3818f7c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Fri, 01 Apr 2022 03:27:40 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Mar 2022 12:09:13 GMT
server: nginx
etag: "f3fc874107c0878e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://tbdailynews.com/wp-content/uploads/2022/03/Screen-Shot-2022-03-24-at-9.05.52-PM-e1648170392375.png>; rel="canonical"
content-length: 295428
expires: Mon, 25 Mar 2024 00:09:13 GMT

GET jp2diXWZLYA
www.youtube.com/embed/ Frame 6347 0
0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 183ms
64ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/10.5/_inc/build/facebook-embed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2a60aad294e0e7c6a2445b0f9e6c0484a43f1417e3f5463a61329573dd5bf3d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 5Yxj6fjM7o1bUcp7u8JHQg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Apr 2022 03:39:28 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: x4talViB9Q7oCqZyqueXl3q9f/wm1gO9LCxnJKW7c0AWahjnaL2o8OsGN82tyg4AfTAZI+5QDuK2E5ns/DTCDg==
x-fb-trip-id: 917726464
x-fb-content-md5: 1ed476840d06fc2f1c14b0726007d001
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 01 Apr 2022 03:27:40 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "3c107ba424fdb7cbe8417720cc1a1929"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 493ms
50ms Script
application/javascript 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/10.5/_inc/build/twitter-timeline.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lhb/6344) /
Resource Hash: da7ae7eec9c1f857161ad9356669f90a20a3e1bd18c8124b53cc2e367e04780b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:27:41 GMT
Content-Encoding: gzip
Age: 313
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29457
x-tw-cdn: VZ
Last-Modified: Thu, 31 Mar 2022 19:50:29 GMT
Server: ECS (lhb/6344)
Etag: "f763893db69b9ff52796c20ddfe2ac52+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 jp2diXWZLYA Show response
www.youtube.com/embed/ Frame 23E6 60 KB
25 KB 191ms
170ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jp2diXWZLYA

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.9.2/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d132337773c992bfb05301cc2c20378273a1382ec7dc84dd34cd560033e9a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 01 Apr 2022 03:27:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 264400708_1040393293192860_4080631031489931018_n-e1641923021871.png
tbdailynews.com/wp-content/uploads/2022/01/ Frame 1109 14 KB
15 KB 151ms
144ms Image
image/png 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tbdailynews.com/wp-content/uploads/2022/01/264400708_1040393293192860_4080631031489931018_n-e1641923021871.png
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b98e3bb5f882673dbe98e132008f04eada8ab70070d2dcfdd140a699754e25a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 17:43:41 GMT
server: cloudflare
age: 19193
etag: "61ddc1cd-398f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f4e3af85fb301f4-ZRH
content-length: 14735

GET
H2 200 264400708_1040393293192860_4080631031489931018_n-2.png
tbdailynews.com/wp-content/uploads/2022/01/ Frame 1109 261 KB
261 KB 154ms
145ms Image
image/png 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tbdailynews.com/wp-content/uploads/2022/01/264400708_1040393293192860_4080631031489931018_n-2.png
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da047b22e71eabf635515f8abb26f093f2bc8705ce70ce9f91e1bc5f301dec7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jan 2022 16:49:17 GMT
server: cloudflare
age: 19193
etag: "61df068d-41228"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f4e3af85fba01f4-ZRH
content-length: 266792

GET
H2 200 tielabs-fonticon.woff
tbdailynews.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ Frame 1109 40 KB
40 KB 197ms
189ms Font
font/woff 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81

Request headers

Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Origin: https://tbdailynews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
age: 0
etag: "61ddabdd-9e58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f4e3af85fb601f4-ZRH
content-length: 40536

GET
H2 200 fa-solid-900.woff2
tbdailynews.com/wp-content/themes/jannah/assets/fonts/fontawesome/ Frame 1109 78 KB
78 KB 198ms
190ms Font
font/woff2 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Origin: https://tbdailynews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
age: 0
etag: "61ddabdd-13654"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f4e3af85fb701f4-ZRH
content-length: 79444

GET
H2 200 fa-brands-400.woff2
tbdailynews.com/wp-content/themes/jannah/assets/fonts/fontawesome/ Frame 1109 75 KB
75 KB 199ms
191ms Font
font/woff2 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Origin: https://tbdailynews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
age: 0
etag: "61ddabdd-12b44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f4e3af85fb801f4-ZRH
content-length: 76612

GET
H2 200 fa-regular-400.woff2
tbdailynews.com/wp-content/themes/jannah/assets/fonts/fontawesome/ Frame 1109 13 KB
13 KB 151ms
143ms Font
font/woff2 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Request headers

Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Origin: https://tbdailynews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:10:05 GMT
server: cloudflare
age: 0
etag: "61ddabdd-3510"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f4e3af85fb901f4-ZRH
content-length: 13584

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 1109 13 KB
5 KB 61ms
55ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 12:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 12:26:14 GMT

GET
H2 200 give.css
tbdailynews.com/wp-content/plugins/give/assets/dist/css/ Frame 1109 70 KB
13 KB 81ms
74ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/give/assets/dist/css/give.css?ver=2.17.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3170c86658687db9f461ef450a39bef414f6139f07e299d4886df6ba0c62e86f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:46:52 GMT
server: cloudflare
age: 19193
etag: W/"61d81a1c-119ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af85fb401f4-ZRH

GET
H2 200 give-donation-summary.css
tbdailynews.com/wp-content/plugins/give/assets/dist/css/ Frame 1109 2 KB
658 B 198ms
191ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/give/assets/dist/css/give-donation-summary.css?ver=2.17.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e976ce625ed3f3bda9494292f078e7f0c16f233da123fac2dba7be916b96db1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:46:52 GMT
server: cloudflare
age: 19193
etag: W/"61d81a1c-7f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af85fb501f4-ZRH

GET
H2 200 css
fonts.googleapis.com/ Frame 1109 7 KB
1 KB 187ms
52ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C600%2C700&display=swap&ver=2.17.1

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f3133a9c6d4f6013ae2ed7a10386a974974501150f37f6ec7f9619c9bd836b7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 02:19:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 01 Apr 2022 03:27:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Apr 2022 03:27:40 GMT

GET
H2 200 give-sequoia-template.css
tbdailynews.com/wp-content/plugins/give/assets/dist/css/ Frame 1109 115 KB
22 KB 196ms
189ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/give/assets/dist/css/give-sequoia-template.css?ver=2.17.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bef8da7082933fb32d9f2fbb96acd6255bce40048c816f235b4160d4aacf62a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:46:52 GMT
server: cloudflare
age: 19191
etag: W/"61d81a1c-1cd67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af85fbf01f4-ZRH

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/10.5/css/ Frame 1109 86 KB
16 KB 64ms
56ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.5/css/jetpack.css

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1021efafbf9b43acf446f436556222d910e0d86d09d796b6fb16101efedffa22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Tue, 04 Jan 2022 22:15:08 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 shortcodes.css
tbdailynews.com/wp-content/plugins/luke-shortcodes//src/ Frame 1109 99 B
210 B 197ms
190ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/luke-shortcodes//src/shortcodes.css?ver=1.0
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adde0b785eefb324975b12f06274c721c7feaaa80fbeb39af7d6a2d938c12a5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 May 2020 12:06:20 GMT
server: cloudflare
age: 19193
etag: W/"5eb54b3c-63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af85fc101f4-ZRH

GET
H2 200 owl.carousel.css
tbdailynews.com/wp-content/plugins/luke-slider/src/ Frame 1109 1 KB
644 B 195ms
188ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/luke-slider/src/owl.carousel.css?ver=1.0
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86697aaf1700624aa65f9df09612004e0f8e59a64b207bcd72ed0efefbff909f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 May 2020 12:07:14 GMT
server: cloudflare
age: 19193
etag: W/"5eb54b72-5f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af85fc301f4-ZRH

GET
H2 200 owl.theme.css
tbdailynews.com/wp-content/plugins/luke-slider/src/ Frame 1109 2 KB
840 B 195ms
188ms Stylesheet
text/css 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/luke-slider/src/owl.theme.css?ver=1.0
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03461e2776a3c3b29cb997af9abfa50ab8aefbda714b9afaceef14db03820370

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 May 2020 12:07:14 GMT
server: cloudflare
age: 0
etag: W/"5eb54b72-790"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af85fc401f4-ZRH

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 1109 290 KB
76 KB 68ms
62ms Script
application/javascript 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/?ver=2.17.1

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d21553a716a5210921050dbc5e4ef269068fae93574e931f64d96e095fb098f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 46
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:26:54 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 18:28:23 GMT
server: Cloudfront
etag: W/"5604166597ebc6e36072d48eac071553"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: nWwxuuhCvIGaDQlZTPd9vlNt8Ti1jeCQzlIXtVBfrrD3qh3h7jo4wQ==

GET
H2 200 give-stripe.js Show response
tbdailynews.com/wp-content/plugins/give/assets/dist/js/ Frame 1109 7 KB
2 KB 196ms
189ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/give/assets/dist/js/give-stripe.js?ver=2.17.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f04fa0c414c589de5f897b3ff10c0a91418dffc7a0890e6bc1d2fd24c9088120

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:46:52 GMT
server: cloudflare
age: 19193
etag: W/"61d81a1c-1d9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af85fc601f4-ZRH

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.9.2/wp-includes/js/jquery/ Frame 1109 87 KB
30 KB 63ms
57ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/jquery/jquery.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.9.2/wp-includes/js/jquery/ Frame 1109 11 KB
4 KB 63ms
57ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 give.js Show response
tbdailynews.com/wp-content/plugins/give/assets/dist/js/ Frame 1109 154 KB
50 KB 195ms
189ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/give/assets/dist/js/give.js?ver=2.17.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66768ee3c87238e9e15415c799808d72c282d689e3e1cdc03cec55df921bc91b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:46:52 GMT
server: cloudflare
age: 19193
etag: W/"61d81a1c-269b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af85fc701f4-ZRH

GET
H2 200 owl.carousel.min.js Show response
tbdailynews.com/wp-content/plugins/luke-slider/src/ Frame 1109 23 KB
6 KB 203ms
197ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/luke-slider/src/owl.carousel.min.js?ver=1.0
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 May 2020 12:07:14 GMT
server: cloudflare
age: 19193
etag: W/"5eb54b72-5d52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af8c80b01f4-ZRH

GET
H2 200 owl.script.js Show response
tbdailynews.com/wp-content/plugins/luke-slider/src/ Frame 1109 335 B
292 B 202ms
197ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/luke-slider/src/owl.script.js?ver=1.0
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4a56f970ea8c531689a1430aca41a918936fcf38c914303378632259861e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 May 2020 12:07:14 GMT
server: cloudflare
age: 19193
etag: W/"5eb54b72-14f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af8c80e01f4-ZRH

GET
H2 200 api.js Show response
tbdailynews.com/cdn-cgi/bm/cv/669835187/ Frame 1109 35 KB
9 KB 37ms
37ms Script
text/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tbdailynews.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6f4e3af9c91601f4-ZRH

GET
H2 200 regenerator-runtime.min.js Show response
c0.wp.com/c/5.9.2/wp-includes/js/dist/vendor/ Frame 1109 6 KB
2 KB 62ms
57ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/dist/vendor/regenerator-runtime.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Mon, 15 Nov 2021 16:35:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 wp-polyfill.min.js Show response
c0.wp.com/c/5.9.2/wp-includes/js/dist/vendor/ Frame 1109 19 KB
7 KB 62ms
57ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/dist/vendor/wp-polyfill.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 hooks.min.js Show response
c0.wp.com/c/5.9.2/wp-includes/js/dist/ Frame 1109 6 KB
2 KB 62ms
57ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/dist/hooks.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 i18n.min.js Show response
c0.wp.com/c/5.9.2/wp-includes/js/dist/ Frame 1109 10 KB
4 KB 62ms
57ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.2/wp-includes/js/dist/i18n.min.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: br
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 01 Apr 2023 03:27:40 GMT

GET
H2 200 give-donation-summary.js Show response
tbdailynews.com/wp-content/plugins/give/assets/dist/js/ Frame 1109 7 KB
3 KB 201ms
197ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/give/assets/dist/js/give-donation-summary.js?ver=2.17.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4556e963f3488fecd148a9a3cb2d0c3ef574a098ffd94b092a8e3656d0dd3eed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:46:52 GMT
server: cloudflare
age: 19193
etag: W/"61d81a1c-1df5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af8c80f01f4-ZRH

GET
H2 200 give-sequoia-template.js Show response
tbdailynews.com/wp-content/plugins/give/assets/dist/js/ Frame 1109 15 KB
5 KB 201ms
197ms Script
application/javascript 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/give/assets/dist/js/give-sequoia-template.js?ver=2.17.1
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58ca87d8658f727d37f03c180ad223eff63f7a608524d3dfbc8a91588724da1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 10:46:52 GMT
server: cloudflare
age: 19191
etag: W/"61d81a1c-3bad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f4e3af8c81001f4-ZRH

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 178ms
43ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139423437-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4975
date: Fri, 01 Apr 2022 02:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 01 Apr 2022 04:04:46 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 283 KB
81 KB 89ms
40ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=453eff25f7918f6f8a64db28343e7349

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68f8a3b7ce61daabb769db7cb9323fdf6f7c6556c625f80187a2652a462a8bdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://tbdailynews.com/
Origin: https://tbdailynews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: tegiYx1JTSiBsRC1BASSbw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sat, 01 Apr 2023 02:15:23 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 82726
x-fb-rlafr: 0
x-fb-debug: Sc6KxZBmqGRSFGxWDq66c7ZcRReQ4UgoSIjAwHKWq+BGghm64f8Lk+2pnovmGRcM/FUlGZ3ilP8fJ/yhotGRiA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: cae21ffe586c168bb52a508e0aeae62b
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 01 Apr 2022 03:27:41 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "6222272bd7dc59ee9b4371923fd612d7"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/449ea0a5/www-widgetapi.vflset/ 151 KB
49 KB 295ms
250ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/449ea0a5/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7ea863753bf75a16561a726cfb38f5868ea30b4e2f837e7fa30f5cf4f2e1065

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:35:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50140
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 00:20:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 01 Apr 2023 01:35:55 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/449ea0a5/ Frame 23E6 345 KB
46 KB 66ms
32ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/449ea0a5/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jp2diXWZLYA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31c9b6d0730bffcc43f80e3ad15023d9c43852ac5db962fcee445ca4c319e916

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jp2diXWZLYA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:56:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45082
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47394
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 00:20:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 31 Mar 2023 14:56:19 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/449ea0a5/www-embed-player.vflset/ Frame 23E6 279 KB
86 KB 105ms
71ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/449ea0a5/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jp2diXWZLYA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d4621ff9dba19c0ac3f09c9065fd7b3338e9a5b2bf464aa49a0362e73205bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jp2diXWZLYA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:56:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87965
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 00:20:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 31 Mar 2023 14:56:19 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/449ea0a5/player_ias.vflset/de_DE/ Frame 23E6 2 MB
525 KB 127ms
93ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/449ea0a5/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jp2diXWZLYA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbb0d0bfff5de3bb3ed83a5f57f760ed03960a977c8695848db093336cbf47d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jp2diXWZLYA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:57:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 537579
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 00:20:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 31 Mar 2023 14:57:14 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/449ea0a5/fetch-polyfill.vflset/ Frame 23E6 9 KB
3 KB 126ms
93ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/449ea0a5/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jp2diXWZLYA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jp2diXWZLYA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:56:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45082
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 00:20:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 31 Mar 2023 14:56:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 23E6 15 KB
16 KB 97ms
28ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jp2diXWZLYA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 230976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 29 Mar 2023 11:18:05 GMT

GET
DATA 200
OK truncated
/ Frame 1109 485 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 833c8d57ead7206b9b294f9ae4e71437009d64919078bf12d2f27c174fa5ee25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fa-solid-900.woff2
tbdailynews.com/wp-content/plugins/give/assets/dist/fonts/ Frame 1109 74 KB
75 KB 824ms
824ms Font
font/woff2 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/give/assets/dist/fonts/fa-solid-900.woff2
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/wp-content/plugins/give/assets/dist/css/give-sequoia-template.css?ver=2.17.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c

Request headers

Referer: https://tbdailynews.com/wp-content/plugins/give/assets/dist/css/give-sequoia-template.css?ver=2.17.1
Origin: https://tbdailynews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
cf-cache-status: MISS
last-modified: Fri, 07 Jan 2022 10:46:52 GMT
server: cloudflare
etag: "61d81a1c-12958"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f4e3af9d92501f4-ZRH
content-length: 76120

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ Frame 1109 30 KB
30 KB 48ms
38ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C600%2C700&display=swap&ver=2.17.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tbdailynews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 08:55:44 GMT
x-content-type-options: nosniff
age: 153117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 30 Mar 2023 08:55:44 GMT

GET
H2 200 icomoon.woff
tbdailynews.com/wp-content/plugins/give/assets/dist/fonts/ Frame 1109 6 KB
6 KB 562ms
562ms Font
font/woff 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/wp-content/plugins/give/assets/dist/fonts/icomoon.woff?kdnr3d
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/wp-content/plugins/give/assets/dist/css/give.css?ver=2.17.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e75a73373757e80313d599d3b2face3bdb1bab76c2dc1c0484d7da136723a50

Request headers

Referer: https://tbdailynews.com/wp-content/plugins/give/assets/dist/css/give.css?ver=2.17.1
Origin: https://tbdailynews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
cf-cache-status: MISS
last-modified: Fri, 07 Jan 2022 10:46:52 GMT
server: cloudflare
etag: "61d81a1c-1658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f4e3af9d92601f4-ZRH
content-length: 5720

GET
H2 200 m-outer-9fe86c29346daf61dc2cc0586b4fad18.html Show response
js.stripe.com/v3/ Frame F075 240 B
980 B 36ms
36ms Document
text/html 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=2.17.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1dda2cecb8f0322c2b59a817ac9d9fa234b3792ff094b1a401b3862d3cf157dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2485
cache-control: max-age=31536000
content-length: 240
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Apr 2022 02:47:02 GMT
etag: "9fe86c29346daf61dc2cc0586b4fad18"
last-modified: Fri, 11 Mar 2022 19:55:40 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-id: vJlhDlM1ywYOgswvj4OVAPX2ZGqm67DVxl2m6auKJY5nlXDQI4hQAg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 controller-3f5e58058b639d6c728fd085d602c51b.html Show response
js.stripe.com/v3/ Frame 6D1F 349 B
1 KB 37ms
36ms Document
text/html 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-3f5e58058b639d6c728fd085d602c51b.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=2.17.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

736e0ab392c6e37858273ca83bd80f7e4a9fc666b01d44102f371d0150029e6a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 17
cache-control: max-age=60
content-length: 349
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Apr 2022 03:27:25 GMT
etag: "3f5e58058b639d6c728fd085d602c51b"
last-modified: Thu, 31 Mar 2022 18:13:14 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-id: 9wVzB2LgOSY3EBNVg3lqGN0WqjnN_r_2q0n4h10huT6CQdlu6ZsMiw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 css2 Show response
fonts.googleapis.com/ Frame 1109 2 KB
537 B 92ms
48ms XHR
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat&display=swap

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=2.17.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89e8f2e632f9752a6c13d9018e54c77c5ede81990b73fc587768424e978b0bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 01:43:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 01 Apr 2022 03:27:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Apr 2022 03:27:41 GMT

GET
H2 200 elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html Show response
js.stripe.com/v3/ Frame 073F 807 B
2 KB 36ms
35ms Document
text/html 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=2.17.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

317e6499dfac0f003f16283d9404fbcf556283105bbf0f61057358d84cee388f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 763
cache-control: max-age=31536000
content-length: 807
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Apr 2022 03:15:00 GMT
etag: "651b8a3d4c0820224a6d26145eaa7d6c"
last-modified: Thu, 31 Mar 2022 18:13:14 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-id: qDN5CogkvhqxFGxV-EHjbRgvx2-bkXCHcDENVof65RE8PYtEe9U8bw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html Show response
js.stripe.com/v3/ Frame 8CEC 807 B
2 KB 36ms
36ms Document
text/html 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=2.17.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

317e6499dfac0f003f16283d9404fbcf556283105bbf0f61057358d84cee388f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 763
cache-control: max-age=31536000
content-length: 807
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Apr 2022 03:23:01 GMT
etag: "651b8a3d4c0820224a6d26145eaa7d6c"
last-modified: Thu, 31 Mar 2022 18:13:14 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-id: sqqt5YsU4vPz8yFZ58wlJtD_fynzvmvlSAYa_5LKkoLwV8ed_FGR2w==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html Show response
js.stripe.com/v3/ Frame DA0B 807 B
2 KB 35ms
35ms Document
text/html 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=2.17.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

317e6499dfac0f003f16283d9404fbcf556283105bbf0f61057358d84cee388f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 763
cache-control: max-age=31536000
content-length: 807
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Apr 2022 03:23:01 GMT
etag: "651b8a3d4c0820224a6d26145eaa7d6c"
last-modified: Thu, 31 Mar 2022 18:13:14 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-id: 2uZ2FwLV1yFoTGiZ4CcH9sL6uJckMbu_WRU4ObdD3kFcmTu5UY6HbQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 87ms
38ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=800337870&t=pageview&_s=1&dl=https%3A%2F%2Ftbdailynews.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20TB%20Daily%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=895972050&gjid=851758928&cid=930121166.1648783661&tid=UA-139423437-1&_gid=2145489902.1648783661&_r=1&gtm=2ou3u0&did=dZGIzZG&gdid=dZGIzZG&z=925763149

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tbdailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame F075 0
357 B 576ms
166ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 0
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 6D1F 0
356 B 746ms
342ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 5
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 073F 0
356 B 740ms
339ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 2
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H3

200

/
www.facebook.com/login/ Frame 66E9
Redirect Chain

https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df82cfb7192ead4%26domain%3Dtbdailyn...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbit...

0
0

225ms
202ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df82cfb7192ead4%2526domain%253Dtbdailynews.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftbdailynews.com%25252Ff1e7ff08cfee6d%2526relation%253Dparent.parent%26container_width%3D308%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FTurtleboy-Sports-103493235123496%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=453eff25f7918f6f8a64db28343e7349

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Fri, 01 Apr 2022 03:27:41 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 88sr98nH4tTDiV7OBa6+aSrhc+BNyFTcPjSzS0w608YPps6yHN0tr1JYBDB7EYu3JAvElmtwIBRAgvF5iBMMtQ==
x-fb-rlafr: 0
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Fri, 01 Apr 2022 03:27:41 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v6.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df82cfb7192ead4%2526domain%253Dtbdailynews.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftbdailynews.com%25252Ff1e7ff08cfee6d%2526relation%253Dparent.parent%26container_width%3D308%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FTurtleboy-Sports-103493235123496%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: Z3Z8tLu3iG6P9Scn50LrJfUK5LLlwA3uiJ7LNlbwnwzCIXWYXVMR9NWHdsajyJI9spS7pNm+Q9Krd2/YIcoJLw==
x-fb-rlafr: 0
x-xss-protection: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8CEC 0
356 B 724ms
340ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 1
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame DA0B 0
356 B 881ms
500ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 4
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 m-outer-7345858512d328389831b5c353d30a99.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F075 1 KB
1 KB 27ms
26ms Script
application/javascript 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-7345858512d328389831b5c353d30a99.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 39
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:03 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Mon, 07 Mar 2022 20:10:26 GMT
server: Cloudfront
etag: W/"d0c7e21ec457b6a134a496f107c3ca93"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: FLfV6fO1h2wkrnosntpUgXkR9hSH7E-bx4SJmI828bqlz-rtGBmMMg==

GET
H2 200 shared-975b7a318080f8c3b7328ac2fedc8722.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6D1F 214 KB
58 KB 25ms
23ms Script
application/javascript 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-3f5e58058b639d6c728fd085d602c51b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

909e7325cfe3b49117f7bb2f961a6771d8aab92a6c82988f08a04879bee12099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-3f5e58058b639d6c728fd085d602c51b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13
x-cache: Hit from cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-origin: *
last-modified: Thu, 31 Mar 2022 18:13:18 GMT
server: Cloudfront
etag: W/"b2bdb86bd5fb50a1bfceba9596418fb4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: hCN3tquzcW2QCEBdOUt5GhjZlnc5e3kzapvnKEy-4IwJEgG3fIaSzw==

GET
H2 200 controller-9c286549f906d9c614261685f1bedd61.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6D1F 370 KB
99 KB 36ms
34ms Script
application/javascript 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-9c286549f906d9c614261685f1bedd61.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-3f5e58058b639d6c728fd085d602c51b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2fc6f28200f9a95780474e258b0ba318bfe09e5df25127fab5c5452aa5db8150

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-3f5e58058b639d6c728fd085d602c51b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 6
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:36 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 15:29:20 GMT
server: Cloudfront
etag: W/"2bc3eade53d2c433552f25d2792d5a46"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: Xh7tMkVb60M9jTpgmCZjl6j7avBfxKCimjtELn-yalVrvIhCGKUoOQ==

GET
H2 200 ui-shared-46e93b3755a485133d7e5e7e1db48eaf.css
js.stripe.com/v3/fingerprinted/css/ Frame 073F 15 KB
3 KB 114ms
112ms Stylesheet
text/css 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-46e93b3755a485133d7e5e7e1db48eaf.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d9f33ed9fdd936a670993b9a8e6ca44e7a358d0f7b217b6c6638b502f66a8015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:41 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Wed, 12 Jan 2022 18:02:17 GMT
server: Cloudfront
etag: W/"7c0a4ba6a732ed01cc27774f97bbe8bd"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: hOCg-iLi25XsK8eJVAO_g3eDEDFSTfXni2DrEgLsGR41bzi466rcvQ==

GET
H2 200 elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css
js.stripe.com/v3/fingerprinted/css/ Frame 073F 5 KB
2 KB 32ms
31ms Stylesheet
text/css 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 52
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:26:52 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Tue, 08 Mar 2022 20:28:40 GMT
server: Cloudfront
etag: W/"0de3030d19b9e3517790795cb6ccc87d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: zdBlhYxUpuoXA1UomsxnIvCHRS-ERU_A0r6SUTx1E5BT7G8urGhS8w==

GET
H2 200 shared-975b7a318080f8c3b7328ac2fedc8722.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 073F 214 KB
58 KB 71ms
69ms Script
application/javascript 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

909e7325cfe3b49117f7bb2f961a6771d8aab92a6c82988f08a04879bee12099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 13
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:41 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 18:13:18 GMT
server: Cloudfront
etag: W/"b2bdb86bd5fb50a1bfceba9596418fb4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: SOhWPJZgIVWqocUQW9fd6u0JjJXd8FztU2N9ueseSzTAsYQ8uhiQ_g==

GET
H2 200 ui-shared-218f39ffc1e8cd35a3e6597e03c18564.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 073F 214 KB
66 KB 104ms
103ms Script
application/javascript 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-218f39ffc1e8cd35a3e6597e03c18564.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

eaca888aeb65d350e58e7bd2c4687178c0636f87e1b0962b91ee8c59ccf68316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 36
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:05 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 13:44:30 GMT
server: Cloudfront
etag: W/"d573db9077635b9ca3dd974aaab7f3ae"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: rbi591eyl_LjdaowmYavCJumLl7dIWsbFLTLQ8kM76-qoI2tLIsj8A==

GET
H2 200 elements-inner-card-0071e67178888637d84588c5044f69b8.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 073F 46 KB
12 KB 119ms
118ms Script
application/javascript 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-0071e67178888637d84588c5044f69b8.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1ba052018e589b59a29925ce5c5f99410e7dfe1886f1d4235c8c0900f5de45bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:41 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 13:44:18 GMT
server: Cloudfront
etag: W/"7bb308fe0015b06f155f5dd06a2b637b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: HUvERRx36623uNVBJmK9JGo9iy6LO1sv7kP8T7hcl1BsUJkhIPfPMw==

GET
H2 200 ui-shared-46e93b3755a485133d7e5e7e1db48eaf.css
js.stripe.com/v3/fingerprinted/css/ Frame 8CEC 15 KB
3 KB 111ms
110ms Stylesheet
text/css 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-46e93b3755a485133d7e5e7e1db48eaf.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d9f33ed9fdd936a670993b9a8e6ca44e7a358d0f7b217b6c6638b502f66a8015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:41 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Wed, 12 Jan 2022 18:02:17 GMT
server: Cloudfront
etag: W/"7c0a4ba6a732ed01cc27774f97bbe8bd"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: OlGkIRCCUi0-73Lr1c-tG7F_EuqI7FKbIxLlKqRdoKbuXbpuX-Szrg==

GET
H2 200 elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css
js.stripe.com/v3/fingerprinted/css/ Frame 8CEC 5 KB
1 KB 110ms
109ms Stylesheet
text/css 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 52
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:28 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Tue, 08 Mar 2022 20:28:40 GMT
server: Cloudfront
etag: W/"0de3030d19b9e3517790795cb6ccc87d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: 0eYOLp0jRfLmHhMrPNPNDBoCMd3iI-dGpoywXJ-Mj3iE34IFSvFUrw==

GET
H2 200 shared-975b7a318080f8c3b7328ac2fedc8722.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8CEC 214 KB
58 KB 120ms
119ms Script
application/javascript 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

909e7325cfe3b49117f7bb2f961a6771d8aab92a6c82988f08a04879bee12099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 13
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:41 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 18:13:18 GMT
server: Cloudfront
etag: W/"b2bdb86bd5fb50a1bfceba9596418fb4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: C89jxHTgB93rxvuk2K2uxhW-gKhTTZX8wlSUZ3En_pSp-eENvb8qyg==

GET
H2 200 ui-shared-218f39ffc1e8cd35a3e6597e03c18564.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8CEC 214 KB
66 KB 130ms
129ms Script
application/javascript 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-218f39ffc1e8cd35a3e6597e03c18564.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

eaca888aeb65d350e58e7bd2c4687178c0636f87e1b0962b91ee8c59ccf68316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 36
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:29 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 13:44:30 GMT
server: Cloudfront
etag: W/"d573db9077635b9ca3dd974aaab7f3ae"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: jLEy8YAWVSWXURtsPUHFe47S1ESaMGDtM2bZCGjLADE09bu3ehgP_Q==

GET
H2 200 elements-inner-card-0071e67178888637d84588c5044f69b8.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8CEC 46 KB
12 KB 190ms
189ms Script
application/javascript 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-0071e67178888637d84588c5044f69b8.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1ba052018e589b59a29925ce5c5f99410e7dfe1886f1d4235c8c0900f5de45bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:41 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 13:44:18 GMT
server: Cloudfront
etag: W/"7bb308fe0015b06f155f5dd06a2b637b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: gOa4fL_DKvteJQKXok7ocuJjaJHd-XoP3kfcokNlgvfxgslhFK7GpA==

GET
H2 200 ui-shared-46e93b3755a485133d7e5e7e1db48eaf.css
js.stripe.com/v3/fingerprinted/css/ Frame DA0B 15 KB
3 KB 153ms
153ms Stylesheet
text/css 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-46e93b3755a485133d7e5e7e1db48eaf.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d9f33ed9fdd936a670993b9a8e6ca44e7a358d0f7b217b6c6638b502f66a8015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:41 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Wed, 12 Jan 2022 18:02:17 GMT
server: Cloudfront
etag: W/"7c0a4ba6a732ed01cc27774f97bbe8bd"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: 4LwxBdBprxDWnV6A9ccawQpX4NMa0oKtLpE55XoybXyeeaU0WJelOg==

GET
H2 200 elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css
js.stripe.com/v3/fingerprinted/css/ Frame DA0B 5 KB
1 KB 154ms
154ms Stylesheet
text/css 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 52
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:28 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Tue, 08 Mar 2022 20:28:40 GMT
server: Cloudfront
etag: W/"0de3030d19b9e3517790795cb6ccc87d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: LV-Pzue0ukuyuc58ZnvJcQVH-7apheUc554yTXQO1L5VJMQhicQLyg==

GET
H2 200 shared-975b7a318080f8c3b7328ac2fedc8722.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DA0B 214 KB
58 KB 159ms
159ms Script
application/javascript 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

909e7325cfe3b49117f7bb2f961a6771d8aab92a6c82988f08a04879bee12099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 13
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:41 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 18:13:18 GMT
server: Cloudfront
etag: W/"b2bdb86bd5fb50a1bfceba9596418fb4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: bAZf1aaaBb7f_8uqsP5ofh6wskbTKRvdqGrCUQGfcNNrMBkYE667xw==

GET
H2 200 ui-shared-218f39ffc1e8cd35a3e6597e03c18564.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DA0B 214 KB
66 KB 173ms
172ms Script
application/javascript 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-218f39ffc1e8cd35a3e6597e03c18564.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

eaca888aeb65d350e58e7bd2c4687178c0636f87e1b0962b91ee8c59ccf68316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 36
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:29 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 13:44:30 GMT
server: Cloudfront
etag: W/"d573db9077635b9ca3dd974aaab7f3ae"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: s710GNzBjZO4EeLjiYKQEmMBjA2g1hAttqEiXAt2pLbCPVo3w8HtOQ==

GET
H2 200 elements-inner-card-0071e67178888637d84588c5044f69b8.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DA0B 46 KB
12 KB 186ms
186ms Script
application/javascript 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-0071e67178888637d84588c5044f69b8.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1ba052018e589b59a29925ce5c5f99410e7dfe1886f1d4235c8c0900f5de45bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-651b8a3d4c0820224a6d26145eaa7d6c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:41 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 13:44:18 GMT
server: Cloudfront
etag: W/"7bb308fe0015b06f155f5dd06a2b637b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: 5HvdsIBd5Vl6fFi6jFn5Xa8m3ePK8eE-YXYtMIXLo4H7XisSF-r1ag==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 109ms
33ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-139423437-1&cid=930121166.1648783661&jid=895972050&gjid=851758928&_gid=2145489902.1648783661&_u=YEBAAUAAAAAAAC~&z=1388625322

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 01 Apr 2022 03:27:41 GMT
content-type: text/plain
access-control-allow-origin: https://tbdailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 result Show response
tbdailynews.com/cdn-cgi/bm/cv/ Frame 1109 0
268 B 29ms
29ms XHR
text/plain 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/cdn-cgi/bm/cv/result?req_id=6f4e3af6be9001f4
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
server: cloudflare
cf-ray: 6f4e3afb4a1001f4-ZRH
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 370F 930 B
2 KB 125ms
21ms Document
text/html 2600:9000:2057:5a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-7345858512d328389831b5c353d30a99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 16
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Apr 2022 03:27:41 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-amz-cf-id: POz_yXEMugCEltzFQabhO51E-hDFDKR4QOwgBtj1pYFzsvSaahBY5g==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H/1.1 200
OK xdomain_cookie.min.js Show response
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 5 KB
2 KB 95ms
34ms Script
application/javascript 2a01:7e00:1::b903:5c4c
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
content-encoding: gzip
content-type: application/javascript
age: 2554
transfer-encoding: chunked
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
connection: close
last-modified: Tue, 25 Aug 2020 07:36:03 GMT
server: nginx
vary: Accept-Encoding
x-goog-hash: crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
x-goog-generation: 1598340963244234
cache-control: max-age=31104000, public
x-goog-stored-content-length: 4733
x-guploader-uploadid: ADPycdt07WqpSpPR9QFX4N7mEApsQxQsMuLEXNwKNEKYCRhvgkdBMe0V4Ebr16llsQl2bgBkuOL-HpbBQasV7JWzRhlzC2UkMQ
expires: Mon, 27 Mar 2023 03:27:41 GMT

GET
H2 200 ats.js Show response
ats-wrapper.privacymanager.io/ats-modules/4b6189b6-de6b-426d-ac38-56be58c12f8b/ 229 KB
80 KB 86ms
21ms Script
application/javascript 65.9.66.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats-wrapper.privacymanager.io/ats-modules/4b6189b6-de6b-426d-ac38-56be58c12f8b/ats.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-71.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f88fda6c1104318ecbf58238f432f61ad8861f7986e62eb84a94b75f857151f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: eTvm9lhi0lXJA67HGaIFotVlUg8EkkOB
content-encoding: gzip
etag: W/"ff989f32631f3db0b2efc94b2e8f7994"
last-modified: Fri, 18 Mar 2022 19:12:53 GMT
server: AmazonS3
age: 2313
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6b38a2e1db230db568190464ab7177da.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=3600
date: Fri, 01 Apr 2022 02:49:08 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: FzW7S7pnMedDq25zITAQ6zxfUg545xi4fE8JU-WMt83JfZxYdV5PKA==

GET
H/1.1 200
OK geo.json Show response
ipwatch.monu.delivery/ 216 B
550 B 79ms
17ms XHR
application/javascript 2a01:7e01:1::ac69:92e7
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://ipwatch.monu.delivery/geo.json
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
server: nginx
content-type: application/json, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public, no-transform
connection: close
content-length: 216
expires: Fri, 01 Apr 2022 04:27:41 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/ 126 KB
44 KB 49ms
19ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?ver=5.9.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33d109aa886051923e80be7e7533262355000b8c2a86ac052977953822534676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 06:36:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44795
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 22:59:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 06:36:29 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/ 118 KB
40 KB 45ms
17ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?ver=5.9.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

222b245830c8a115a9bd7eb96b0abf53045bd04f6d81fd3fad479e82a5e0d132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 11:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 316081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41097
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 22:59:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Mar 2023 11:39:40 GMT

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame 0FA3 3 KB
1 KB 54ms
53ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCWxTJ-zRHUHfP84jfbCvquA&layout=full&count=default&origin=https%3A%2F%2Ftbdailynews.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?ver=5.9.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a6a571ef8c3924ccdcc9e3902249ecc6b40f9ee03e0ed78d14252a00a7374af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 01 Apr 2022 03:27:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 502ms
325ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:41 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 css
fonts.googleapis.com/ 2 KB
484 B 50ms
25ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:600,regular&subset=latin&display=swap

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94773db8e4ed0417c38fd37dccafd6450b04f372f73c3e2b2a4336f56707dfb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 01:53:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 01 Apr 2022 03:27:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Apr 2022 03:27:41 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 18ms
17ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.5&blog=154514430&post=165056&tz=-4&srv=tbdailynews.com&host=tbdailynews.com&ref=&fcp=2238&rand=0.19964294015596318
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Apr 2022 03:27:41 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 m-outer-9fe86c29346daf61dc2cc0586b4fad18.html Show response
js.stripe.com/v3/ Frame 1DE5 240 B
979 B 18ms
18ms Document
text/html 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=2.17.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1dda2cecb8f0322c2b59a817ac9d9fa234b3792ff094b1a401b3862d3cf157dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2485
cache-control: max-age=31536000
content-length: 240
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Apr 2022 02:47:02 GMT
etag: "9fe86c29346daf61dc2cc0586b4fad18"
last-modified: Fri, 11 Mar 2022 19:55:40 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-id: iE6ZRMgcxJ8sm8MEib9J8K1lW5ksFN1I7PeQATT4PXJrSlNmMJZQiQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H/1.1 200
OK widget_iframe.0af76c3310098d2f8f428367b62351b8.html Show response
platform.twitter.com/widgets/ Frame 4C3E 319 KB
104 KB 28ms
28ms Document
text/html 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.0af76c3310098d2f8f428367b62351b8.html?origin=https%3A%2F%2Ftbdailynews.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lhb/62B7) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 27315
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Fri, 01 Apr 2022 03:27:41 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 31 Mar 2022 19:49:03 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (lhb/62B7)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

POST
H2 200 csp-report
q.stripe.com/ Frame 370F 0
130 B 401ms
342ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
x-envoy-upstream-service-time: 4
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 23E6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

68ms
30ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jp2diXWZLYA

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c082aff2fdcd045d6d263c1a1d6d141d243168ae1d17537a0b541b1b25d5eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 01 Apr 2022 03:27:41 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 23E6 29 B
588 B 60ms
17ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/449ea0a5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:14:42 GMT
x-content-type-options: nosniff
age: 779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Apr 2022 03:29:42 GMT

GET
H3 200 css
fonts.googleapis.com/ 7 KB
815 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,700%7COpen+Sans:400,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8fe5f075ab505097a06fda7d5d44097b6e77e79673043ffba42bca883baeffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 03:27:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 01 Apr 2022 03:27:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Apr 2022 03:27:41 GMT

POST
H2 200 / Show response
tbdailynews.com/ 691 B
677 B 324ms
323ms XHR
application/json 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tbdailynews.com/?wc-ajax=get_refreshed_fragments

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.9.2/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

f8b9d1921dd2e7d05d6a6f7cb2add49b7bc1152a70a6487495f714eef79d08bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://tbdailynews.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: WP Engine
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, X-NR-SAMPLE-PERCENT
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://tbdailynews.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6f4e3afcdaed01f4-ZRH
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 1DE5 0
356 B 354ms
342ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 3
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 Screen-Shot-2022-03-29-at-5.07.42-PM-e1648588171258.png
i0.wp.com/tbdailynews.com/wp-content/uploads/2022/03/ 246 KB
247 KB 19ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/tbdailynews.com/wp-content/uploads/2022/03/Screen-Shot-2022-03-29-at-5.07.42-PM-e1648588171258.png?zoom=2&resize=390%2C220&ssl=1

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

6db6618484111d323e7140d49f19a2c28e4379270224e5584d08b44622f47061

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Fri, 01 Apr 2022 03:27:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 31 Mar 2022 06:39:02 GMT
server: nginx
etag: "d60eefe76c8b7648"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://tbdailynews.com/wp-content/uploads/2022/03/Screen-Shot-2022-03-29-at-5.07.42-PM-e1648588171258.png>; rel="canonical"
content-length: 252398
expires: Sat, 30 Mar 2024 18:39:02 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 326ms
324ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:41 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 327ms
325ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:41 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 327ms
325ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:41 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 327ms
325ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:41 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 326ms
325ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:41 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 328ms
327ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:41 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 327ms
326ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:41 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 325ms
324ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:41 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 328ms
327ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:41 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 326ms
325ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:41 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 327ms
326ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:41 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 327ms
327ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:41 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 0FA3 38 KB
6 KB 30ms
29ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCWxTJ-zRHUHfP84jfbCvquA&layout=full&count=default&origin=https%3A%2F%2Ftbdailynews.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCWxTJ-zRHUHfP84jfbCvquA&layout=full&count=default&origin=https%3A%2F%2Ftbdailynews.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 25 Mar 2023 09:20:48 GMT

GET
H2 200 L3xsxWniaFVIbWGshu9bOoj-OHcAiK4hp0ADO2qBzgGauhEUGRQ-6whqBtf2DXAtfRuAziqDcQ=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 0FA3 2 KB
2 KB 78ms
27ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/L3xsxWniaFVIbWGshu9bOoj-OHcAiK4hp0ADO2qBzgGauhEUGRQ-6whqBtf2DXAtfRuAziqDcQ=s48-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d410d5da5c490a342df7fb8aeec567bf4bacc50638f51e9a9d8744d0417eda9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1764
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 09 Mar 2022 10:21:24 GMT

GET
H3 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 0FA3 252 KB
72 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCWxTJ-zRHUHfP84jfbCvquA&layout=full&count=default&origin=https%3A%2F%2Ftbdailynews.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 25 Mar 2023 09:20:48 GMT

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v19/ 8 KB
8 KB 40ms
15ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,regular&subset=latin&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tbdailynews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:33:39 GMT
x-content-type-options: nosniff
age: 114842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 30 Mar 2023 19:33:39 GMT

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v19/ 8 KB
8 KB 43ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,regular&subset=latin&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tbdailynews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:31:44 GMT
x-content-type-options: nosniff
age: 114957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:17:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 30 Mar 2023 19:31:44 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 65ms
22ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 01 Apr 2022 03:27:41 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 23E6 45 KB
22 KB 58ms
33ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/449ea0a5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41520e1153d8c15cc6129392ed13d4b1331c32be2dea1012f1ccccc8ff3a935a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22453
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/449ea0a5/player_ias.vflset/de_DE/ Frame 23E6 119 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/449ea0a5/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/449ea0a5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b097fb74077127b5983e45503fb95c8d7bc70b3eb098e5d9a020592f75f23887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jp2diXWZLYA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:57:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37702
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 00:20:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 31 Mar 2023 14:57:15 GMT

GET
H2 200 V-sAIHWfyG0pUIp3BZ2wXLzaTl4ZfTfHYa_wwzML1lo.js Show response
www.google.com/js/th/ Frame 23E6 35 KB
14 KB 55ms
15ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/V-sAIHWfyG0pUIp3BZ2wXLzaTl4ZfTfHYa_wwzML1lo.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/449ea0a5/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57eb0020759fc86d29508a77059db05cbcda4e5e197d37c761aff0c3330bd65a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 19:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13791
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 19:45:05 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/449ea0a5/player_ias.vflset/de_DE/ Frame 23E6 27 KB
8 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/449ea0a5/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/449ea0a5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96f5ab14b62e4ddf95515ac3713d29386053a65c1fb0ae6224d3f9af7f7f24b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jp2diXWZLYA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:57:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8160
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 00:20:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 31 Mar 2023 14:57:48 GMT

GET
H/1.1 200
OK stylesheet.css
monu.delivery/assets/vendors/videojs/ 41 KB
14 KB 140ms
83ms Stylesheet
text/css 2a01:7e00:1::b903:5c4c
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/assets/vendors/videojs/stylesheet.css
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ba0ff987ed3ac31e6c13f1ffa31853ea3587e3ad8f8b0c6caa3bc9c9cf68ab0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
content-encoding: gzip
content-type: text/css
age: 0
transfer-encoding: chunked
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
connection: close
last-modified: Tue, 25 Aug 2020 07:36:02 GMT
server: nginx
vary: Accept-Encoding
x-goog-hash: crc32c=mDlWYQ==, md5=dHg1oGw0LZVvKyX2Ctt/Ww==
x-goog-generation: 1598340962727822
cache-control: max-age=31104000, public
x-goog-stored-content-length: 42146
x-guploader-uploadid: ADPycdscTzrTDAf6Oo7eAA_G5s67Rwy8YBwwkcoZsUUPUMkZ3RlyTKn6aDbylausZ4r15tN6ymkb9oWN21gCg9eUrYw
expires: Mon, 27 Mar 2023 03:27:41 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 375 KB
126 KB 73ms
29ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e352006cc3bc3c7c2206316ef5ecc3a319959d6b6a3b4da9702afd1dff10de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127864
x-xss-protection: 0
expires: Fri, 01 Apr 2022 03:27:41 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 94 KB
23 KB 76ms
20ms Script
text/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7847fe9876f5b7bc3c00f4a4e9d1cf60ad762e53be0ca67b2c1ce63e40fc18b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:27:41 GMT
Content-Encoding: gzip
Age: 1609
X-Cache: HIT
Connection: keep-alive
Content-Length: 22754
x-amz-id-2: ms71tSkX6UUPtYzv0YJkDRZXSacC/liukxUz3HjpsikVKXl4YGhwVwUHXzXlOqZul5k5qc7uRWI=
X-Served-By: cache-hhn4078-HHN
Last-Modified: Fri, 01 Apr 2022 02:45:06 GMT
Server: AmazonS3
X-Timer: S1648783662.763613,VS0,VE0
ETag: "70c4eeb89ddd9a987bba94b4af8fafc0"
x-amz-request-id: 6H5YSXB5315XWSMT
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 17

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 81ms
26ms Script
application/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:18:38 GMT
content-encoding: gzip
age: 542
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 0GKDQBE9Z3NTCXNDFGR8
etag: 4e3fad24a118a07cea7ce88b2721a583
vary: Accept-Encoding
x-amz-version-id: cDw9qPFdR3WLu_gch_nIk4UAdfcPuNG7
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: i7D31hAvSeLGjgF6WT-q-y5slw4JtGzQWy5SHvAvWnAwhhmjvQqmGQ==

GET
H/1.1 200
OK 182762-63174106385307.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 157ms
30ms Script
text/javascript 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:27:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Apr 2022 03:00:50 GMT
Server: Apache
ETag: "7621c6-930a-5db8efc69a37f"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2125
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12788
Expires: Fri, 01 Apr 2022 04:03:06 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 82ms
39ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

1bebe07e837fb33f10c63429c52aba83e53af281cdebd8687b3ca740d0703829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28182
x-xss-protection: 0
server: sffe
etag: "1174 / 611 of 1000 / last-modified: 1648764434"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Apr 2022 03:27:41 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/ 17 KB
6 KB 146ms
42ms Script
text/javascript 65.9.66.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-19.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c08815f5e74c5477b25c5303f3b512b5c04ccf403e41e319c29cb5243fce5f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: HGYL.siFb.HLK8NXg9tyIeM1N2pdl_47
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 19:32:23 GMT
server: AmazonS3
age: 55158
etag: W/"4c3e8f251a140b2e06634712ba322640"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 31 Mar 2022 12:08:28 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 9bBT4X7S9a22GKu8TI2hNS3O24wO-WXfSR1wHr32skfotQ-U6s0AWg==

GET
DATA 200
OK truncated
/ Frame 23E6 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 L3xsxWniaFVIbWGshu9bOoj-OHcAiK4hp0ADO2qBzgGauhEUGRQ-6whqBtf2DXAtfRuAziqDcQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 23E6 3 KB
3 KB 53ms
27ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/L3xsxWniaFVIbWGshu9bOoj-OHcAiK4hp0ADO2qBzgGauhEUGRQ-6whqBtf2DXAtfRuAziqDcQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jp2diXWZLYA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

163defa48c4afbe953b013bef080ce3ed2bc00a5a027bc0f1af6abf97b6b2988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2618
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Feb 2022 02:37:13 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/jp2diXWZLYA/ Frame 23E6 36 KB
36 KB 84ms
40ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/jp2diXWZLYA/hqdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jp2diXWZLYA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3721296aa7e59e4231441f1d1b395ee84803cf259bf363d406dc1a33dad47f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36797
x-xss-protection: 0
server: sffe
etag: "1648336306"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Apr 2022 05:27:41 GMT

GET
H3

200

/
www.facebook.com/login/ Frame B5CF
Redirect Chain

https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36f0118506b7a8%26domain%3Dtbdaily...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbit...

0
0

89ms
88ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df36f0118506b7a8%2526domain%253Dtbdailynews.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftbdailynews.com%25252Ff1e7ff08cfee6d%2526relation%253Dparent.parent%26container_width%3D0%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FTurtleboy-Sports-103493235123496%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=453eff25f7918f6f8a64db28343e7349

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Fri, 01 Apr 2022 03:27:41 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: IuXPnlGR6xNEiIK/4VHFuMdPq5avRrVVi8dAiTsx4MYFrHWnSfvej9pe/UE1wnbFp9v4+b2HUq9tAm7UMG3oRA==
x-fb-rlafr: 0
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Fri, 01 Apr 2022 03:27:41 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v6.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df36f0118506b7a8%2526domain%253Dtbdailynews.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftbdailynews.com%25252Ff1e7ff08cfee6d%2526relation%253Dparent.parent%26container_width%3D0%26height%3D432%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FTurtleboy-Sports-103493235123496%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: nfJGYSLeBHBRceIlC1Su4vVNEbPPz6NIcZFWN5U2YcU+muFihzxabQvecmGWr7R3MnEElpDuchEfAYhSZE87Tg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 m-outer-7345858512d328389831b5c353d30a99.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1DE5 1 KB
1 KB 23ms
23ms Script
application/javascript 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-7345858512d328389831b5c353d30a99.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 39
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:03 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified: Mon, 07 Mar 2022 20:10:26 GMT
server: Cloudfront
etag: W/"d0c7e21ec457b6a134a496f107c3ca93"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: 4vNHhIsb_tCZ_fIZEi3OMlyjKaKBn1ganQZTTCgIaLn01jSd1tDslA==

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 370F 86 KB
14 KB 38ms
38ms Script
text/javascript 2600:9000:2057:5a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 237
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:24:09 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: povB28Lh7eHdTjwMPyEWtp9grp4P_M73Oc-uGMF3rmU9gPlLpLkLLw==

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v19/ 8 KB
8 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700%7COpen+Sans:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tbdailynews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:31:44 GMT
x-content-type-options: nosniff
age: 114957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 30 Mar 2023 19:31:44 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 30ms
30ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700%7COpen+Sans:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tbdailynews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 189731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 22:45:30 GMT

GET
H3 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 0FA3 156 B
179 B 31ms
30ms Image
image/png 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 11:08:03 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 231578
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Mar 2023 11:08:03 GMT

GET
H/1.1 200
OK xdomain_cookie.html Show response
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame 5E01 3 KB
2 KB 96ms
37ms Document
text/html 2a01:7e00:1::b903:5c4c
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by: Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 0
cache-control: max-age=31104000 public
connection: close
content-encoding: gzip
content-type: text/html
date: Fri, 01 Apr 2022 03:27:41 GMT
expires: Mon, 27 Mar 2023 03:27:41 GMT
last-modified: Tue, 25 Aug 2020 07:36:09 GMT
server: nginx
transfer-encoding: chunked
vary: Accept-Encoding
x-cache: HIT
x-goog-generation: 1598340969597109
x-goog-hash: crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3440
x-guploader-uploadid: ADPycdvCd-_V52UPvayh1vvQCF3EF6p-HcLwnImNVwM7P7p9diyXxrku8giA3Tqednpqunt8fB7NSLqFy2AWw-PXXg

POST
H2 204 result Show response
tbdailynews.com/cdn-cgi/bm/cv/ 0
268 B 22ms
22ms XHR
text/plain 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tbdailynews.com/cdn-cgi/bm/cv/result?req_id=6f4e3aee79da01f4
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
server: cloudflare
cf-ray: 6f4e3afebc1601f4-ZRH
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 4C3E 309 B
472 B 185ms
127ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=d9f200b776959b1a4b2cd6ebf6b2d7f4432a98b7

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0af76c3310098d2f8f428367b62351b8.html?origin=https%3A%2F%2Ftbdailynews.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

19d022d3f567c5ac6c99a24b948122dd3512a30b22210808c4f8d6191a7abd7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-response-time: 109
date: Fri, 01 Apr 2022 03:27:41 GMT
content-encoding: gzip
last-modified: Fri, 01 Apr 2022 03:27:42 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: d0427b5169ab425a910c9331037cb197074d8824c451d99653c7f58814f8690e
content-length: 191

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 194ms
194ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:41 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
592 B 94ms
17ms Fetch
application/json 143.204.215.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/4b6189b6-de6b-426d-ac38-56be58c12f8b/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-111.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:03:33 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront), 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
age: 80649
x-amzn-requestid: c824d225-903b-4ed3-b832-58421d5708f3
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62453625-3d41fbd80f4b14573f76b43d;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1, FRA53-C1
x-amz-apigw-id: P1Vl6HoljoEF8EQ=
content-length: 28
x-amz-cf-id: tKV61xUzi3R4iIPr2bji_OIdghM2fNAKkpUuqfDWPrjXZFWj8q-7bg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
591 B 93ms
17ms Fetch
application/json 143.204.215.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/4b6189b6-de6b-426d-ac38-56be58c12f8b/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-111.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:03:33 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront), 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
age: 80649
x-amzn-requestid: c824d225-903b-4ed3-b832-58421d5708f3
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62453625-3d41fbd80f4b14573f76b43d;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1, FRA53-C1
x-amz-apigw-id: P1Vl6HoljoEF8EQ=
content-length: 28
x-amz-cf-id: Qha3SrQwntn-i3jzSV6utskO1aAb22vnQtRhtFK6YHtUD34IDUJ0jw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
592 B 93ms
18ms Fetch
application/json 143.204.215.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/4b6189b6-de6b-426d-ac38-56be58c12f8b/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-111.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:03:33 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront), 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
age: 80649
x-amzn-requestid: c824d225-903b-4ed3-b832-58421d5708f3
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62453625-3d41fbd80f4b14573f76b43d;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1, FRA53-C1
x-amz-apigw-id: P1Vl6HoljoEF8EQ=
content-length: 28
x-amz-cf-id: 0ibINRA0HG4TSYbNbAftLHKICjbg8fXnX-03_bQtTUk2csH5YNrEmw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 94DE 564 B
903 B 253ms
68ms Document
text/html 2a00:1450:4001:803::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Ftbdailynews.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cea2b372f7291a19dba8398c67406fc2c4cb9f56854aaac3520961711bb62aba

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-5K/5z81hCWOHJ8eYF0W6NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-5K/5z81hCWOHJ8eYF0W6NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Fri, 01 Apr 2022 03:27:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 0F5C 930 B
2 KB 17ms
17ms Document
text/html 2600:9000:2057:5a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-7345858512d328389831b5c353d30a99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 16
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Apr 2022 03:27:41 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-amz-cf-id: -S2LKvp3toog201hbdXDl5V7CEHWW8zq4Q3enhZi53syR7vhYedmJw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 178ms
178ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:42 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 176ms
176ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:42 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 177ms
177ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:42 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 176ms
176ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:42 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 176ms
176ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:42 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 175ms
175ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:42 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 421ms
384ms XHR
application/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-173.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 02:21:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
content-type: application/javascript
x-amz-cf-id: InLR09si5w_MFkXEJvD4HbuDP60GbIad6RVqody34MOWrrpR6cH8Qg==

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/ 192 KB
62 KB 18ms
18ms Script
application/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 217b9e539bd55ad03f86545c4afc436c1d61f04aa131a4679181a3d30bde9480

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:27:42 GMT
Content-Encoding: gzip
Age: 212
X-Cache: HIT
Connection: keep-alive
Content-Length: 62535
x-amz-id-2: Yk686UX3tf+sfw6s00j+izfI0JrqyGDELTeuED0o6vdJRolZ5EiShW+T+zVfuBcB3LCtNA9qHNs=
X-Served-By: cache-hhn4078-HHN
Last-Modified: Tue, 29 Mar 2022 15:47:05 GMT
Server: AmazonS3
X-Timer: S1648783662.082735,VS0,VE0
ETag: "52d00808545427ec106d5efaf477f68a"
x-amz-request-id: 9PNTNSCKC5Z77DFH
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 190

POST
H2 200 csp-report
q.stripe.com/ Frame 0F5C 0
130 B 168ms
168ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
x-envoy-upstream-service-time: 0
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H3 200 pubads_impl_2022032106.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
124 KB 43ms
18ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 20:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126678
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 20:13:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 31 Mar 2023 20:10:06 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 92 B
104 B 55ms
29ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tbdailynews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e233ee4cc2a1d28bfe4dd4a8904eebfe5e1060f6c49d936e85920c8d99f5614f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 03:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
x-xss-protection: 0
expires: Fri, 01 Apr 2022 03:27:42 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
1 KB 113ms
113ms XHR
application/json 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftbdailynews.com&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 6911c24a9b371c2e460323da83a30fc8298053a2ad4b57a01127ee27777c5eba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:41 GMT
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://tbdailynews.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1176
x-amz-cf-id: dCSwcCElm4alSsDqbiLzd4M-9rngarXjbNVMcWW8yR_XGnd7vgLv2g==

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 159ms
159ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:42 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/ Frame 0FA3 128 KB
42 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

848fbad57cfe0865b4425b4ce3870d42d583b24544739775b0afa50553aefb06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43036
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 22:59:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Apr 2023 01:25:33 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 158ms
158ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:42 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 159ms
159ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:42 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
961 B 184ms
125ms Fetch
application/json 99.86.7.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-29.fra6.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront), 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1, FRA6-C1
x-amzn-requestid: 9fe8ebb1-7f94-47dd-b984-c5c0eed029bf
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: P4afRGvkCYcFY3g=
content-length: 555
x-amz-cf-id: bCvWYzVSIjhVfKITH0w0aWDTV75mLZlCbxcNwGC3CTUj1FtERA6WKQ==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 29 KB
10 KB 73ms
8ms Script
application/javascript 143.204.215.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-76.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b246a53f18c2f935ef32ebe685c439e9025821055bfdaa878de13f867640d111

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: IHBKHmFccqSy07MT7O11tbgBuymhRfsM
content-encoding: gzip
etag: W/"0d9f6f1d9d521b38efa38109b50e6ba7"
last-modified: Wed, 02 Mar 2022 16:27:18 GMT
server: AmazonS3
age: 14734
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Fri, 01 Apr 2022 02:00:26 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: _TO5vZERp8gJUKH-kFMFucD5mtpzrfBWMz3PfkpsGj4igIzaR6keYA==

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
544 B 131ms
41ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=182762
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: ef317402ae53715081da39926fd93a532749f388dd4b91d482bca33719da3aa1

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tbdailynews.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sun, 01 May 2022 03:27:42 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
328 B 61ms
16ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://tbdailynews.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

POST
H3 204 cspreport
accounts.google.com/o/ Frame 94DE 0
20 B 72ms
53ms Other
text/html 2a00:1450:4001:803::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c+e9c7S3nsDX0JKl2l53Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Ftbdailynews.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:42 GMT
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-c+e9c7S3nsDX0JKl2l53Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 370F 156 B
522 B 510ms
175ms XHR
application/json 34.211.187.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.187.4 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-187-4.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f1389982c341c883bdc2dc8e668ee73aa0dc6922f09fa5bd2b2a797197e1c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
594 B 7ms
7ms Fetch
application/json 143.204.215.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/4b6189b6-de6b-426d-ac38-56be58c12f8b/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-111.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:03:33 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront), 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
age: 80649
x-amzn-requestid: c824d225-903b-4ed3-b832-58421d5708f3
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62453625-3d41fbd80f4b14573f76b43d;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1, FRA53-C1
x-amz-apigw-id: P1Vl6HoljoEF8EQ=
content-length: 28
x-amz-cf-id: FJ6LX6SRcMZRnFrTKzOvjTnNnYg8OjCEtEwtG3v7kZb3WQ_y47A5Ww==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 0F5C 86 KB
14 KB 10ms
10ms Script
text/javascript 2600:9000:2057:5a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 238
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:24:09 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: 9IYZg6QbUL6ZZANxIiMuSVHCI7eGPau9fC4uNxCchOH3TYzpcQEXQQ==

GET
H2 200 23066399-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 94DE 10 KB
5 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/23066399-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Ftbdailynews.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57dbe899a2b5c804f6e667838d56d9467d692e449dce19c7f9e48e84776c0ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4281
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 02:13:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Apr 2023 01:56:14 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 94DE 14 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e3e9a52a09072161c6b58744b35699cf29174bdcec483c4d71d4e54f0aac040

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5721
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Fri, 01 Apr 2022 03:27:42 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "c5287d5a77314ff1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Apr 2022 03:27:42 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 159ms
159ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:42 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 23E6 4 KB
3 KB 50ms
27ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/449ea0a5/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Apr 2022 03:27:42 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 23E6 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?YcH5rg
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jp2diXWZLYA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
497 B 35ms
7ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=6d587511-1774-d043-d0e3-386933f3f14f&a=p.l&u=253110c0-aba7-4877-bc35-60adbb93ceeb
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:00:10 GMT
age: 1652
x-guploader-uploadid: ADPycdujQZAiZjRTzrckBVOwjJGtG61NH07LOUrUmFluu5yv6-qp_lxkJgtvcaZQLcuwnbku8zheSj6JJulYJgXwANnEFcSjaA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Fri, 01 Apr 2022 04:00:10 GMT

GET
H2 200 aax.js Show response
c.aaxads.com/ 558 KB
139 KB 840ms
677ms Script
text/javascript 23.205.241.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aax.js?pub=AAX8RN661&hst=tbdailynews.com&ver=1.2

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-241-117.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

101007bfc3ea99f75aab522071e212de544073a711a0a3a6496bdebf62408228

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Fri, 01 Apr 2022 03:27:43 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Fri, 01 Apr 2022 03:57:43 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 40 KB
11 KB 176ms
13ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Fri, 01 Apr 2022 02:37:46 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 11181
x-request-id: 846987583

GET
H/1.1 200
OK moment~timeline.65e67d070a71111411ab4824411cddeb.js Show response
platform.twitter.com/js/ 25 KB
8 KB 18ms
18ms Script
application/javascript 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.65e67d070a71111411ab4824411cddeb.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lhb/6285) /
Resource Hash: 03047422295df65247d8d96cde636617cc08a20c94a1198ab2ac63c51d935b41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:27:42 GMT
Content-Encoding: gzip
Age: 27332
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 8018
x-tw-cdn: VZ
Last-Modified: Thu, 31 Mar 2022 19:48:55 GMT
Server: ECS (lhb/6285)
Etag: "bf619fa416a6da12ea26c26ad55a55e9+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.308c5ce7eef621e3475f1433b5c9d467.js Show response
platform.twitter.com/js/ 20 KB
7 KB 37ms
37ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.308c5ce7eef621e3475f1433b5c9d467.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF4) /
Resource Hash: 876c95ed456a1c4afbf5162a54663e2358c1dfffb41d8f506ec999cc68c7a92e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:27:42 GMT
Content-Encoding: gzip
Age: 27321
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 6430
x-tw-cdn: VZ
Last-Modified: Thu, 31 Mar 2022 19:48:55 GMT
Server: ECS (mil/6CF4)
Etag: "d2a58b5c3e3b4c93cf67e65455c42c1a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
429 B 135ms
17ms XHR
text/plain 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=504384&u=https%3A%2F%2Ftbdailynews.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:42 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.28], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://tbdailynews.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Fri, 01 Apr 2022 03:27:42 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
958 B 10ms
10ms Fetch
application/json 99.86.7.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-29.fra6.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront), 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1, FRA6-C1
x-amzn-requestid: 9fe8ebb1-7f94-47dd-b984-c5c0eed029bf
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: P4afRGvkCYcFY3g=
content-length: 555
x-amz-cf-id: e7uVJ1Fge4YCiCba0tzDo2-FWsKhjjhvraQ7uaXHWZfvgvRElO0uLg==

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 114 B
749 B 133ms
35ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222aafe1b336bad7%22%3A%22177369c437c672237248%7C300x250%2C160x600%7Cgpid%3D%2F20842576%2C22590026871%2FFAL02M%2FFAL02M-DDR.A%23pillar-1%22%2C%2233c7464e7443f3%22%3A%22dcc4cd9596e80d497120%7C300x250%2C160x600%7Cgpid%3D%2F20842576%2C22590026871%2FFAL02M%2FFAL02M-DDR.A%23pillar-1%22%7D&ref=https%3A%2F%2Ftbdailynews.com%2F&s=5e64f839-b2f3-4448-a27f-bda842d79a91&pv=7e086590-b51d-405e-a7e1-45983b95651b&vp=desktop&lib_name=prebid&lib_v=6.15.0&us=5&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22253110c0-aba7-4877-bc35-60adbb93ceeb%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%2232a70e8e-bb40-4dcc-9751-097c670e1220%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2232a70e8e-bb40-4dcc-9751-097c670e1220%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

1d8f3a43890914d076bcb2a762582c90d83781fbae96eec877901efefe014d37

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:42 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://tbdailynews.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 139
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
205 B 469ms
263ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tbdailynews.com
date: Fri, 01 Apr 2022 03:27:42 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 151
vary: origin, Accept-Encoding

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
985 B 336ms
117ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 83f0139d17ec56eea8e5834ed925a00110689b5b0cc7fec2fb13999222801a97

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tbdailynews.com
date: Fri, 01 Apr 2022 03:27:42 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
35 B 104ms
18ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://tbdailynews.com
access-control-allow-credentials: true
cf-ray: 6f4e3b031c5a9b98-FRA
access-control-allow-headers: Content-Type, Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 105ms
20ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tbdailynews.com
date: Fri, 01 Apr 2022 03:27:41 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
225 B 141ms
33ms XHR
text/plain 54.171.236.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=6.15.0&p=%5B%7B%22placement_id%22%3A%22mmt-676e9ac6-8cf3-49e2-866a-73f39a1294cc%22%2C%22callback_id%22%3A%2214df2d77f6338ef%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222540682011836620841%22%2C%22gpid%22%3A%22%2F20842576%2C22590026871%2FFAL02M%2FFAL02M-DDR.A%23pillar-1%22%7D%5D&page_url=https%3A%2F%2Ftbdailynews.com%2F&bust=1648783662480&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Home%20-%20TB%20Daily%20News&w=1600&h=1200&pubcid=32a70e8e-bb40-4dcc-9751-097c670e1220&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22253110c0-aba7-4877-bc35-60adbb93ceeb%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2232a70e8e-bb40-4dcc-9751-097c670e1220%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.236.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-236-220.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tbdailynews.com
pragma: no-cache
date: Fri, 01 Apr 2022 03:27:42 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
698 B 140ms
58ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: be10f2d6e174cf1d77dd35d2d37391f5753a29f43abbb429267a0b4a6ab4607f

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:42 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://tbdailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 136ms
118ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: d013ebfac6235dcd8785f3b52e77de542364dbcfc7a4c58818ec42ba63c07022

Request headers

Referer: https://tbdailynews.com/
x-openrtb-version: 2.5
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://tbdailynews.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
99 B 101ms
83ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: d16a3bd596e2f3a0e4797289175c2942f4bc6b13f8c63d131f31f4c9e4e90040

Request headers

Referer: https://tbdailynews.com/
x-openrtb-version: 2.5
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://tbdailynews.com
access-control-allow-credentials: true
content-length: 66

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 10 KB
5 KB 281ms
203ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a25aeb10687b55c2bbb8e71d772fa626c8e74faddbe2857ed582ebfb9d0c8aa8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 01 Apr 2022 03:27:42 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: fc64c114-728b-4bed-9422-e1ef4b7a81c7
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tbdailynews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid_display Show response
display.bfmio.com/ 138 B
463 B 357ms
139ms XHR
text/plain 184.73.205.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

184.73.205.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-184-73-205-114.compute-1.amazonaws.com

Software

Resource Hash

a3220e8059925374badb7145ba365952d28964954d5d26dab76dc711b6ff48e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Origin, Accept-Encoding, User-Agent
content-type: text/plain;charset=iso-8859-1
access-control-allow-origin: https://tbdailynews.com
access-control-expose-headers: location
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 148

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
331 B 152ms
75ms XHR
application/json 23.32.59.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=242369&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2225359084729aa56%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftbdailynews.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2226736c462bfd7e3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22242369%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F20842576%2C22590026871%2FFAL02M%2FFAL02M-DDR.A%22%2C%22gpid%22%3A%22%2F20842576%2C22590026871%2FFAL02M%2FFAL02M-DDR.A%23pillar-1%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22253110c0-aba7-4877-bc35-60adbb93ceeb%22%2C%22hp%22%3A1%2C%22rid%22%3A%227a2ed7cc-a916-4fd7-864e-8a5ba2ad8baa%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2232a70e8e-bb40-4dcc-9751-097c670e1220%22%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22efda55b9-c65f-43d8-9839-5b157d1943b0%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-04-01T03%3A27%3A42%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-59-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b2e2e0e900cbbf7e3398e84edd1537473aeb42ad8b7a6359eda9500b6b86f196

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:42 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.28], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://tbdailynews.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Fri, 01 Apr 2022 03:27:42 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 201ms
126ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=a0q9FIseKr6OnsaKlId8sQ
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 5417a0da136bae1fa2efb4174ff3c2781dd672a527b46b076b85f67d47a55318

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tbdailynews.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
744 B 718ms
381ms XHR
application/json 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e9b82c6a0b34f82a080640e11c28408095ffbb490603e7caeb2fd5df4d953674

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 01 Apr 2022 03:27:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://tbdailynews.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 97

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
492 B 43ms
43ms XHR
text/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftbdailynews.com%2F&pid=RaVqM15mwFXdS&cb=0&ws=1600x1200&v=7.74.0&t=1000&slots=%5B%7B%22sd%22%3A%22mmt-676e9ac6-8cf3-49e2-866a-73f39a1294cc%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C22590026871%2FFAL02M%2FFAL02M-DDR.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2C253110c0-aba7-4877-bc35-60adbb93ceeb%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-173.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: BB1R8V63R6QDAFRVJ7BP
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://tbdailynews.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: exKaJB4VRr7OEgFuhrVM1hXrFi70qwCPHvjJbSSczjESbtk4bISyUg==

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
284 B 82ms
15ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://tbdailynews.com
access-control-allow-credentials: true
cf-ray: 6f4e3b031c5b9b98-FRA
access-control-allow-headers: Content-Type, Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 93ms
26ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tbdailynews.com
date: Fri, 01 Apr 2022 03:27:42 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
746 B 542ms
213ms XHR
application/json 63.251.14.3
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 07161ded43ddcbba711d1074126ac2ebe7bddd2460554346248afe803bbbb091

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 01 Apr 2022 03:27:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://tbdailynews.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
985 B 378ms
180ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 83f0139d17ec56eea8e5834ed925a00110689b5b0cc7fec2fb13999222801a97

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tbdailynews.com
date: Fri, 01 Apr 2022 03:27:42 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
331 B 129ms
63ms XHR
application/json 23.32.59.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=201336&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22439edc04f52e3a8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftbdailynews.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22446e257ddfdb9bd%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22201336%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F20842576%2C22590026871%2FFAL02M%2FFAL02M-DDA.B%22%2C%22gpid%22%3A%22%2F20842576%2C22590026871%2FFAL02M%2FFAL02M-DDA.B%23anchor-2%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22253110c0-aba7-4877-bc35-60adbb93ceeb%22%2C%22hp%22%3A1%2C%22rid%22%3A%227a2ed7cc-a916-4fd7-864e-8a5ba2ad8baa%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2232a70e8e-bb40-4dcc-9751-097c670e1220%22%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22efda55b9-c65f-43d8-9839-5b157d1943b0%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-04-01T03%3A27%3A42%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-59-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c35319041a482d7e415f583e59f981890ef4d7f3985813e3c8d4e2dc550381f0

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:42 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.28], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://tbdailynews.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Fri, 01 Apr 2022 03:27:42 GMT

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
224 B 125ms
36ms XHR
text/plain 54.171.236.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=6.15.0&p=%5B%7B%22placement_id%22%3A%22mmt-497f5455-11ae-4521-ab5b-5c288eef0a89%22%2C%22callback_id%22%3A%224625c0865343a1%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222540682011836620841%22%2C%22gpid%22%3A%22%2F20842576%2C22590026871%2FFAL02M%2FFAL02M-DDA.B%23anchor-2%22%7D%5D&page_url=https%3A%2F%2Ftbdailynews.com%2F&bust=1648783662498&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Home%20-%20TB%20Daily%20News&w=1600&h=1200&pubcid=32a70e8e-bb40-4dcc-9751-097c670e1220&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22253110c0-aba7-4877-bc35-60adbb93ceeb%22%2C%22hp%22%3A1%2C%22rid%22%3A%227a2ed7cc-a916-4fd7-864e-8a5ba2ad8baa%22%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2232a70e8e-bb40-4dcc-9751-097c670e1220%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.236.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-236-220.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tbdailynews.com
pragma: no-cache
date: Fri, 01 Apr 2022 03:27:42 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
830 B 197ms
133ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

83d13755ed3e66fc8b99ab4cd15e660538dab0d768ea66b1ae570fb9d8b7be61

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:42 GMT
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2e7e4805-8d90-48c5-a58b-d04c16630083
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://tbdailynews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
866 B 108ms
55ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a9b7d719ef93ee000afa5699722ec21a0771e18320c0108dd5949a764ce420fe

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:42 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://tbdailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 3 KB
3 KB 100ms
83ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 46ecd664790e88e6e937ec78bc3b47f85970af27d836641d85766a5dbd765c40

Request headers

Referer: https://tbdailynews.com/
x-openrtb-version: 2.5
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://tbdailynews.com
access-control-allow-credentials: true
content-length: 3110

POST
H2 200 prebid_display Show response
display.bfmio.com/ 138 B
464 B 302ms
111ms XHR
text/plain 184.73.205.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

184.73.205.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-184-73-205-114.compute-1.amazonaws.com

Software

Resource Hash

a1cc99b80167e2817378e50a838c5b50707ea101624893ba1b98b6201009dce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Origin, Accept-Encoding, User-Agent
content-type: text/plain;charset=iso-8859-1
access-control-allow-origin: https://tbdailynews.com
access-control-expose-headers: location
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 148

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
348 B 406ms
236ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tbdailynews.com
date: Fri, 01 Apr 2022 03:27:42 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 125
vary: origin, Accept-Encoding

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 95 B
728 B 97ms
36ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22585758852a3db16%22%3A%224038e93c4d4c13bc38d7%7C728x90%7Cgpid%3D%2F20842576%2C22590026871%2FFAL02M%2FFAL02M-DDA.B%23anchor-2%22%7D&ref=https%3A%2F%2Ftbdailynews.com%2F&s=c63d686c-e182-490b-beaa-43721aa8ee3f&pv=7e086590-b51d-405e-a7e1-45983b95651b&vp=desktop&lib_name=prebid&lib_v=6.15.0&us=5&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22253110c0-aba7-4877-bc35-60adbb93ceeb%22%2C%22hp%22%3A1%2C%22rid%22%3A%226d536f63-974c-4856-9550-67e708dda569%22%7D%5D%7D&userid=%7B%22pubcid%22%3A%2232a70e8e-bb40-4dcc-9751-097c670e1220%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2232a70e8e-bb40-4dcc-9751-097c670e1220%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

2c4fde915e90fe52bcf7e51b36561485afa8df96b2f5bbf4b4439708617b41f7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:42 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-ams-1-7-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://tbdailynews.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
351 B 172ms
123ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=a0q9FIseKr6OnsaKlId8sQ
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 6cce87bb0a4fd5886b3432b1e849c97917d687bfc0498ca2c44c23f918dd7263

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tbdailynews.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
492 B 45ms
45ms XHR
text/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftbdailynews.com%2F&pid=RaVqM15mwFXdS&cb=1&ws=1600x1200&v=7.74.0&t=1000&slots=%5B%7B%22sd%22%3A%22mmt-497f5455-11ae-4521-ab5b-5c288eef0a89%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C22590026871%2FFAL02M%2FFAL02M-DDA.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2C253110c0-aba7-4877-bc35-60adbb93ceeb%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-173.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: VDMSH49YE9907R7P35MG
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://tbdailynews.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ftBr1-yLuXfvCEDIGqvcvWDdfkTgCsQyKT0uWGjXa704Q0w7HI5AbQ==

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 9ms
8ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=6d587511-1774-d043-d0e3-386933f3f14f&a=s.d&u=676e9ac6-8cf3-49e2-866a-73f39a1294cc
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:00:10 GMT
age: 1652
x-guploader-uploadid: ADPycdujQZAiZjRTzrckBVOwjJGtG61NH07LOUrUmFluu5yv6-qp_lxkJgtvcaZQLcuwnbku8zheSj6JJulYJgXwANnEFcSjaA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Fri, 01 Apr 2022 04:00:10 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 9ms
9ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=6d587511-1774-d043-d0e3-386933f3f14f&a=s.d&u=497f5455-11ae-4521-ab5b-5c288eef0a89
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:00:10 GMT
age: 1652
x-guploader-uploadid: ADPycdujQZAiZjRTzrckBVOwjJGtG61NH07LOUrUmFluu5yv6-qp_lxkJgtvcaZQLcuwnbku8zheSj6JJulYJgXwANnEFcSjaA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Fri, 01 Apr 2022 04:00:10 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/100/ Frame 23E6 52 KB
15 KB 38ms
22ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/100/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 16:08:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15463
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 16:04:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Fri, 01 Apr 2022 16:08:48 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 0F5C 156 B
522 B 332ms
227ms XHR
application/json 34.211.187.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.187.4 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-187-4.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

57a689262a6a4ec743dd57aaedf489fa7ce2203cf50c63689db86e92ded64910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/ Frame 94DE 54 KB
19 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e47b79be5d6d50f9e0bb185185d8a488fbe5352572b359470edbb6d9f0f0d6b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 18:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19332
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 22:59:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Mar 2023 18:02:24 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 90ms
9ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://tbdailynews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://tbdailynews.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 01 Apr 2022 03:27:42 GMT
server: ATS/9.1.0.33

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 90ms
10ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://tbdailynews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://tbdailynews.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 01 Apr 2022 03:27:42 GMT
server: ATS/9.1.0.33

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 62ms
10ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://tbdailynews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://tbdailynews.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 01 Apr 2022 03:27:42 GMT
server: ATS/9.1.0.33

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 152 KB
13 KB 414ms
266ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_DoctorTurtleboy_old&dnt=false&domain=tbdailynews.com&lang=en&screen_name=DoctorTurtleboy&suppress_response_codes=true&t=1831981&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

4f6bc4fce5d6c219611106c6ab73ff0c18182cb937b3a30ba40c4d7bd01ebbf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=209
content-length: 12560
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 183
last-modified: Fri, 01 Apr 2022 03:27:42 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ", VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 0affe87a587fe7013ab99bf8ec59e722251ab5bea4a71763a932142623e4e583
timing-allow-origin: *
x-transaction: e7e1a4444164df15
expires: Fri, 01 Apr 2022 03:32:42 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 23E6 98 B
142 B 18ms
18ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/449ea0a5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b9fb69580046ed244466ccbc8d5e3ee8b92b244934429e29b3bef8c208ffaef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 01 Apr 2022 03:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 01 Apr 2022 03:27:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/ 28 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_2?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?ver=5.9.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebf2964e7c4ffa5357ee52ce722a56fc60ebc134c1dfcbed56b40cbeb970c53d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 20:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9532
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 22:59:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Mar 2023 20:08:33 GMT

POST
H/1.1 200 1013.json Show response
id5-sync.com/g/v2/ 213 B
533 B 53ms
21ms XHR
application/json 54.36.109.46
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1013.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.46 , France, ASN16276 (OVH, FR),

Reverse DNS

p01.id5-sync.com

Software

Resource Hash

3675cf844bdaf6da0aeac37e58ff399ef6ad6b94a02cac50d65f4ad0b5c4f2ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://tbdailynews.com
Date: Fri, 01 Apr 2022 03:27:41 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame 5424 604 B
295 B 51ms
51ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCWxTJ-zRHUHfP84jfbCvquA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0972dab44fc5f44e1f69b312fcb4b09d11edead6550e0652f2ed0bd66effbcad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 01 Apr 2022 03:27:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 45ms
22ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 13:17:59 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 569383
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 25 Mar 2023 13:17:59 GMT

GET
H3 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 44ms
21ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 21:17:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 281425
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 28 Mar 2023 21:17:17 GMT

GET
H3 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
341 B 34ms
21ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 09:49:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 149864
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 30 Mar 2023 09:49:58 GMT

GET
H3 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
139 B 32ms
21ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 18:13:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 292434
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 28 Mar 2023 18:13:48 GMT

GET
H3 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
140 B 31ms
20ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 18:22:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 119086
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 30 Mar 2023 18:22:56 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 19ms
19ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=6d587511-1774-d043-d0e3-386933f3f14f&a=b.r&u=497f5455-11ae-4521-ab5b-5c288eef0a89&d=%7B%22utm%22%3A%7B%7D%7D
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:00:10 GMT
age: 1652
x-guploader-uploadid: ADPycdujQZAiZjRTzrckBVOwjJGtG61NH07LOUrUmFluu5yv6-qp_lxkJgtvcaZQLcuwnbku8zheSj6JJulYJgXwANnEFcSjaA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Fri, 01 Apr 2022 04:00:10 GMT

GET
H3 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 5424 9 KB
2 KB 19ms
19ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCWxTJ-zRHUHfP84jfbCvquA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCWxTJ-zRHUHfP84jfbCvquA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 25 Mar 2023 09:20:50 GMT

GET
H3 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 5424 149 KB
44 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCWxTJ-zRHUHfP84jfbCvquA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 16:37:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44975
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Mar 2023 16:37:55 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/ Frame 5424 128 KB
42 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

848fbad57cfe0865b4425b4ce3870d42d583b24544739775b0afa50553aefb06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43036
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 22:59:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Apr 2023 01:25:33 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 21ms
21ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=6d587511-1774-d043-d0e3-386933f3f14f&a=b.r&u=676e9ac6-8cf3-49e2-866a-73f39a1294cc&d=%7B%22utm%22%3A%7B%7D%7D
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:00:10 GMT
age: 1652
x-guploader-uploadid: ADPycdujQZAiZjRTzrckBVOwjJGtG61NH07LOUrUmFluu5yv6-qp_lxkJgtvcaZQLcuwnbku8zheSj6JJulYJgXwANnEFcSjaA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Fri, 01 Apr 2022 04:00:10 GMT

GET
H2 200 _yQcB2bX
pbs.twimg.com/card_img/1509707887224008709/ Frame 70C3 20 KB
21 KB 193ms
191ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1509707887224008709/_yQcB2bX?format=jpg&name=280x280

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE5) /

Resource Hash

72c0ce916cc68697ab06314b7b75bbc438abe9e812fb38929d3ed9f6a159b2f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 5547
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=25
content-length: 20939
x-response-time: 256
surrogate-key: card_img card_img/bucket/6 card_img/1509707887224008709
last-modified: Fri, 01 Apr 2022 01:41:03 GMT
server: ECS (mil/6CE5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ffac750b6ceffbb0641c8233d36d264321cf0971d442b839b661468d54f4c784
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 8fYrzFRA
pbs.twimg.com/card_img/1509634917147320329/ Frame 70C3 39 KB
39 KB 193ms
191ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1509634917147320329/8fYrzFRA?format=jpg&name=600x314

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE5) /

Resource Hash

462005d62fd16899b10f7a3c1c1b3c887df57719993ca86ed8c4db026c718c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 23669
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=31
content-length: 40143
x-response-time: 253
surrogate-key: card_img card_img/bucket/4 card_img/1509634917147320329
last-modified: Thu, 31 Mar 2022 20:51:06 GMT
server: ECS (mil/6CE5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a9f54cd0cf84cda9c2eb76c2d8688d1ea1914e225eb93523438efebd3e4888ad
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 A9h2JE_q
pbs.twimg.com/card_img/1509624103543660550/ Frame 70C3 38 KB
38 KB 190ms
189ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1509624103543660550/A9h2JE_q?format=jpg&name=600x314

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE4) /

Resource Hash

1955b201ba599a970a20e5353fbd502bd29bbcba8eb308b39411b5ee1a22a194

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 26067
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=22
content-length: 38821
x-response-time: 259
surrogate-key: card_img card_img/bucket/3 card_img/1509624103543660550
last-modified: Thu, 31 Mar 2022 20:08:08 GMT
server: ECS (mil/6CE4)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8e746c3d25d0c806527c448f4d65122ad6a56ef51862257f2e0b4a5f841862a0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 mXqw1-qi
pbs.twimg.com/card_img/1509563420064067595/ Frame 70C3 42 KB
42 KB 68ms
67ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1509563420064067595/mXqw1-qi?format=jpg&name=600x314

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEA) /

Resource Hash

eeec91b2fadfdf6d8765b108702665cf6fe0741a4305e499a76143d51350651c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 40465
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 42682
x-response-time: 250
surrogate-key: card_img card_img/bucket/9 card_img/1509563420064067595
last-modified: Thu, 31 Mar 2022 16:07:00 GMT
server: ECS (mil/6CEA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4335c10e87a86ca165145564331005f1e6770e779e613880e77cd64464d35fce
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 7U5xDeAx
pbs.twimg.com/card_img/1509354231186300929/ Frame 70C3 45 KB
45 KB 133ms
132ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1509354231186300929/7U5xDeAx?format=jpg&name=600x314

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE5) /

Resource Hash

81a33be7d08ccdf5f6a4b90ab2db0cfe0c538cb9ffb2acdd167e7187147956b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 90590
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 45669
x-response-time: 263
surrogate-key: card_img card_img/bucket/7 card_img/1509354231186300929
last-modified: Thu, 31 Mar 2022 02:15:45 GMT
server: ECS (mil/6CE5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: be3bd4073cbfee950bff4932b74772c2ebac2b4cc26755a99773a44d310a9e4c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 oZe7vWvm
pbs.twimg.com/card_img/1509240045986852871/ Frame 70C3 29 KB
29 KB 140ms
139ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1509240045986852871/oZe7vWvm?format=jpg&name=600x314

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF3) /

Resource Hash

bccb67d7541bf76ef32d9cdb154f3366b9266499d9dbb443d43e131780b5c932

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 117777
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 29522
x-response-time: 255
surrogate-key: card_img card_img/bucket/2 card_img/1509240045986852871
last-modified: Wed, 30 Mar 2022 18:42:01 GMT
server: ECS (mil/6CF3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cff51c52ed072c26f8456c582be0bfe9551bfddb796969bf2dc3e77113bb1afa
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 R_BzZVCT
pbs.twimg.com/card_img/1508917450116636674/ Frame 70C3 50 KB
50 KB 72ms
72ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1508917450116636674/R_BzZVCT?format=jpg&name=600x314

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE0) /

Resource Hash

33a4a600d0dc6eff04169234f171792e640e74d0173a41899e7d045d8f7074f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 194672
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 50928
x-response-time: 249
surrogate-key: card_img card_img/bucket/8 card_img/1508917450116636674
last-modified: Tue, 29 Mar 2022 21:20:09 GMT
server: ECS (mil/6CE0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 657624d8b994bcf373f4f6200c470550530fafe25df6abd831eef02b870b65af
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Xl9xG2z7
pbs.twimg.com/card_img/1508833964999553025/ Frame 70C3 31 KB
32 KB 108ms
107ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1508833964999553025/Xl9xG2z7?format=jpg&name=600x314

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CED) /

Resource Hash

5b62ca3af1edeacc1dac615ca246629493d560465dde909b01fff075169fe24f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 214519
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 32023
x-response-time: 245
surrogate-key: card_img card_img/bucket/6 card_img/1508833964999553025
last-modified: Tue, 29 Mar 2022 15:48:24 GMT
server: ECS (mil/6CED)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2814d36c3873b27bab5e65da06b91fc41037972e601c42588257f10a3375e32c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 VGn_M1gu
pbs.twimg.com/card_img/1508597368832335884/ Frame 70C3 32 KB
32 KB 62ms
62ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1508597368832335884/VGn_M1gu?format=jpg&name=600x314

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE5) /

Resource Hash

9c40b0d8d543ab82da891bdf85bd21d1537c6d45cdfe8c457be40b2370f2e177

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 270965
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 32371
x-response-time: 265
surrogate-key: card_img card_img/bucket/2 card_img/1508597368832335884
last-modified: Tue, 29 Mar 2022 00:08:15 GMT
server: ECS (mil/6CE5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 854b4a72cd2960e41d167d692cb1e92d10558d282046c003cbc5906804755bdb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 oRoBBZ1J
pbs.twimg.com/card_img/1508524563415670791/ Frame 70C3 41 KB
41 KB 63ms
63ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1508524563415670791/oRoBBZ1J?format=jpg&name=600x314

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF8) /

Resource Hash

a15aba7bd5cf7c7ff829f84b579e44c1cacf577761fac537416e46bfe33260c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 288310
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 42050
x-response-time: 255
surrogate-key: card_img card_img/bucket/7 card_img/1508524563415670791
last-modified: Mon, 28 Mar 2022 19:18:57 GMT
server: ECS (mil/6CF8)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6696a7a91b9f3401dd0e874ae6cee651c54b0a9b5bc886657c5ebb57c7be0ea1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 _keYqSXI
pbs.twimg.com/card_img/1507870600488005633/ Frame 70C3 16 KB
16 KB 55ms
54ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1507870600488005633/_keYqSXI?format=jpg&name=280x280

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE0) /

Resource Hash

7ac41ad632fdb5f271ca4c803559bd87bad3947f2ee23bf293ee378e920997be

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 440111
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 16511
x-response-time: 252
surrogate-key: card_img card_img/bucket/9 card_img/1507870600488005633
last-modified: Sun, 27 Mar 2022 00:00:20 GMT
server: ECS (mil/6CE0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e53d9674255fd7abb497ef9e354d0bb39c9ac8eeedc191d77e7747d2bc69fc2d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame 70C3 53 KB
12 KB 63ms
63ms Stylesheet
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:27:43 GMT
Content-Encoding: gzip
Age: 27320
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Thu, 31 Mar 2022 19:48:52 GMT
Server: ECS (mil/6CE4)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 41ms
41ms Image
text/css 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lhb/6381) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:27:43 GMT
Content-Encoding: gzip
Age: 27333
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Thu, 31 Mar 2022 19:48:52 GMT
Server: ECS (lhb/6381)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 161ms
44ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tbdailynews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 03:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 118ms
40ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tbdailynews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 03:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 193ms
192ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2694508096922078&correlator=624299608342311&hxva=1&scor=4444221669331743&eid=31065998%2C31065787%2C21065725&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=20842576%3A22590026871%2CFAL02M%2CFAL02M-DDA.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=3336983485&sfv=1-0-38&ecs=20220401&fsapi=false&prev_scp=pos%3D2%26monu%3D728x90_B2%26directDeals%3Dsticky_bottom%26yieldmo_eb%3Dapproved%26openx_eb%3Dnot_approved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26sovrn_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3Dd6f88132-ec90-4468-b67c-209323a12dce%26monu_df%3D0.04%26safeframe%3Dfalse%26bid_source%3Dclient%26hb_size%3D728x90%26hb_adid%3D529e2e183857cde%26hb_bidder%3Dyahoossp%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect%26hem_included%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1648783663064&lmt=1648783663&dlt=1648783659778&idt=2684&biw=1600&bih=1200&adxs=436&adys=1194&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Ftbdailynews.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=930121166.1648783661&ga_sid=1648783663&ga_hid=800337870&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1f98be2ee0c5e18b86c01bfacd9d3623477dd404d3c0e737142cd3c64fa46a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8085
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tbdailynews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B976 6 KB
4 KB 191ms
38ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 03:27:43 GMT
expires: Sat, 01 Apr 2023 03:27:43 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 VLxEzGBx_normal.jpg
pbs.twimg.com/profile_images/1430169594992414724/ Frame 70C3 2 KB
2 KB 85ms
85ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1430169594992414724/VLxEzGBx_normal.jpg

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF7) /

Resource Hash

67996196a76615ac20aac20bad4f1562daa4ec1ec442567224e403640b005add

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 194948
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 2035
x-response-time: 109
surrogate-key: profile_images profile_images/bucket/0 profile_images/1430169594992414724
last-modified: Tue, 24 Aug 2021 14:04:17 GMT
server: ECS (mil/6CF7)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 32cdf0302a9379ae0172bdf81ceaa811e4a64a73d2fc4dd4c2c9243303b46b68
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 RC1YSvuT_normal.jpg
pbs.twimg.com/profile_images/1427292844612595720/ Frame 70C3 2 KB
2 KB 84ms
84ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1427292844612595720/RC1YSvuT_normal.jpg

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF1) /

Resource Hash

31507f73a2c904e73317979e82c8c4531befda90852ca9681ce9fd0a64f7c3f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 301947
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 1883
x-response-time: 121
surrogate-key: profile_images profile_images/bucket/0 profile_images/1427292844612595720
last-modified: Mon, 16 Aug 2021 15:33:06 GMT
server: ECS (mil/6CF1)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 127f99dafc909d67bd624acc30ca04d31086654e6d86b2375d629bbb5b619934
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 airIaZpR_normal.jpg
pbs.twimg.com/profile_images/1472987101864112130/ Frame 70C3 2 KB
2 KB 99ms
98ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1472987101864112130/airIaZpR_normal.jpg

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF0) /

Resource Hash

94229595ba522324bae8df16a451c82fbf0da5ff92a855a8e1276aeb90d45d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 29491
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=26
content-length: 1883
x-response-time: 110
surrogate-key: profile_images profile_images/bucket/6 profile_images/1472987101864112130
last-modified: Mon, 20 Dec 2021 17:45:46 GMT
server: ECS (mil/6CF0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c7557100e545fff4241168005e41dfed2f22ba485dda94ab56e23a1d222dc6f9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FPJn0iGWUAEU6Z5
pbs.twimg.com/media/ Frame 70C3 49 KB
49 KB 99ms
98ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FPJn0iGWUAEU6Z5?format=jpg&name=small

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CED) /

Resource Hash

248187442267ed013f3a6c4e7b62cc521ca4f6aef1c31b6d623b120618da9639

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 83719
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=27
content-length: 49785
x-response-time: 220
surrogate-key: media media/bucket/7 media/1509382977326829569
last-modified: Thu, 31 Mar 2022 04:09:59 GMT
server: ECS (mil/6CED)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e7ff4114943bc19f1880cb47822e6b9fd3b1021e95e07ccd2ab42347f5752aa6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FO0SwEfXMAIsVax
pbs.twimg.com/media/ Frame 70C3 68 KB
68 KB 59ms
58ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FO0SwEfXMAIsVax?format=jpg&name=small

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF1) /

Resource Hash

f9bb4df11b6dfd0422796161812d2e71fdcbe8c568a8dcb1b6d5f8f04c4a8cb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 441431
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 69170
x-response-time: 217
surrogate-key: media media/bucket/5 media/1507882067287289858
last-modified: Sun, 27 Mar 2022 00:45:54 GMT
server: ECS (mil/6CF1)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 484111aa40d0f1cfed7563506db3d40631db5b929f9ee9e2722a0c6ed4097040
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FO0GSPMXwAQOovl
pbs.twimg.com/media/ Frame 70C3 83 KB
83 KB 64ms
64ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FO0GSPMXwAQOovl?format=png&name=small

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CDE) /

Resource Hash

7767bfcf63f2c6a19d8b846d27ca215b9bc124383ceca10884162ec5958017a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 444683
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 84734
x-response-time: 217
surrogate-key: media media/bucket/5 media/1507868360624816132
last-modified: Sat, 26 Mar 2022 23:51:26 GMT
server: ECS (mil/6CDE)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f8a4d0134bd48da7291ae1789973cd72b2b8f870bccd6b1822be80c828a1af5f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FOvdk0zXsAIitqh
pbs.twimg.com/media/ Frame 70C3 62 KB
62 KB 69ms
69ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FOvdk0zXsAIitqh?format=jpg&name=900x900

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEE) /

Resource Hash

eb9210fe95d9d7932e1be4a2628eab49b5f9d34c389018f65c6642edcaba73b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 517199
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 63169
x-response-time: 288
surrogate-key: media media/bucket/8 media/1507542125004697602
last-modified: Sat, 26 Mar 2022 02:15:06 GMT
server: ECS (mil/6CEE)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d002b8331fe20326fa74538a79872061a383b4783fa85ede64efb2c9294b1b97
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 70C3 44 KB
7 KB 276ms
79ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C76) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57571
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 6
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (mil/6C76)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 3b4e51af917aaa0ed8b68aea7647fa7838c0ddb24a928759d38dad1b8ddb5117
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 08 Apr 2022 03:27:43 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 277ms
80ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C76) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57571
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 6
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (mil/6C76)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 3b4e51af917aaa0ed8b68aea7647fa7838c0ddb24a928759d38dad1b8ddb5117
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 08 Apr 2022 03:27:43 GMT

GET
DATA 200
OK truncated
/ Frame 70C3 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 70C3 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 70C3 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 70C3 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 70C3 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 A9h2JE_q
pbs.twimg.com/card_img/1509624103543660550/ Frame 70C3 38 KB
38 KB 66ms
65ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1509624103543660550/A9h2JE_q?format=jpg&name=600x314

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE4) /

Resource Hash

1955b201ba599a970a20e5353fbd502bd29bbcba8eb308b39411b5ee1a22a194

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 26067
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 38821
x-response-time: 259
surrogate-key: card_img card_img/bucket/3 card_img/1509624103543660550
last-modified: Thu, 31 Mar 2022 20:08:08 GMT
server: ECS (mil/6CE4)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8e746c3d25d0c806527c448f4d65122ad6a56ef51862257f2e0b4a5f841862a0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 253ms
252ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2694508096922078&correlator=1058454524713132&hxva=1&scor=4444221669331743&eid=31065998%2C31065787%2C21065725&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fif&iu_parts=20842576%3A22590026871%2CFAL02M%2CFAL02M-DDR.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600&ifi=2&adks=361604310&sfv=1-0-38&ecs=20220401&fsapi=false&prev_scp=pos%3D1%26monu%3D300x250-160x600_A1%26directDeals%3Dsticky_pillar%26yieldmo_eb%3Dapproved%26openx_eb%3Dnot_approved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26sovrn_eb%3Dapproved%26amznbid%3D2%26amznp%3D2%26tynt_pillar%3Dtrue%26tynt_id%3Da9601uhTqr67n_aKlId8sQ%26auction_id%3D64f093ac-9d10-4fcb-a38d-17ca28222d74%26monu_df%3D0.01%26safeframe%3Dtrue%26bid_source%3Dclient%26hb_size%3D160x600%26hb_adid%3D638b17167b46281%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect%26hem_included%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1648783663215&lmt=1648783663&dlt=1648783659778&idt=2684&biw=1600&bih=1200&adxs=-300&adys=1196&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Ftbdailynews.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&fws=512&ohw=0&ga_vid=930121166.1648783661&ga_sid=1648783663&ga_hid=800337870&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1beeddbbd38d5666f958c8087ac0853e823e0b7bbf9f3dd30a933ac1af235119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tbdailynews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mXqw1-qi
pbs.twimg.com/card_img/1509563420064067595/ Frame 70C3 42 KB
42 KB 58ms
58ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1509563420064067595/mXqw1-qi?format=jpg&name=600x314

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEA) /

Resource Hash

eeec91b2fadfdf6d8765b108702665cf6fe0741a4305e499a76143d51350651c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 40465
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 42682
x-response-time: 250
surrogate-key: card_img card_img/bucket/9 card_img/1509563420064067595
last-modified: Thu, 31 Mar 2022 16:07:00 GMT
server: ECS (mil/6CEA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4335c10e87a86ca165145564331005f1e6770e779e613880e77cd64464d35fce
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 7U5xDeAx
pbs.twimg.com/card_img/1509354231186300929/ Frame 70C3 45 KB
45 KB 58ms
58ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1509354231186300929/7U5xDeAx?format=jpg&name=600x314

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE5) /

Resource Hash

81a33be7d08ccdf5f6a4b90ab2db0cfe0c538cb9ffb2acdd167e7187147956b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 90590
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 45669
x-response-time: 263
surrogate-key: card_img card_img/bucket/7 card_img/1509354231186300929
last-modified: Thu, 31 Mar 2022 02:15:45 GMT
server: ECS (mil/6CE5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: be3bd4073cbfee950bff4932b74772c2ebac2b4cc26755a99773a44d310a9e4c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3 200 container.html Show response
21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3E6D 6 KB
3 KB 76ms
42ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 03:27:43 GMT
expires: Sat, 01 Apr 2023 03:27:43 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 oZe7vWvm
pbs.twimg.com/card_img/1509240045986852871/ Frame 70C3 29 KB
29 KB 58ms
58ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1509240045986852871/oZe7vWvm?format=jpg&name=600x314

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF3) /

Resource Hash

bccb67d7541bf76ef32d9cdb154f3366b9266499d9dbb443d43e131780b5c932

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 117777
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 29522
x-response-time: 255
surrogate-key: card_img card_img/bucket/2 card_img/1509240045986852871
last-modified: Wed, 30 Mar 2022 18:42:01 GMT
server: ECS (mil/6CF3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cff51c52ed072c26f8456c582be0bfe9551bfddb796969bf2dc3e77113bb1afa
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 R_BzZVCT
pbs.twimg.com/card_img/1508917450116636674/ Frame 70C3 50 KB
50 KB 61ms
60ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1508917450116636674/R_BzZVCT?format=jpg&name=600x314

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE0) /

Resource Hash

33a4a600d0dc6eff04169234f171792e640e74d0173a41899e7d045d8f7074f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 194672
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 50928
x-response-time: 249
surrogate-key: card_img card_img/bucket/8 card_img/1508917450116636674
last-modified: Tue, 29 Mar 2022 21:20:09 GMT
server: ECS (mil/6CE0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 657624d8b994bcf373f4f6200c470550530fafe25df6abd831eef02b870b65af
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Xl9xG2z7
pbs.twimg.com/card_img/1508833964999553025/ Frame 70C3 31 KB
31 KB 62ms
61ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1508833964999553025/Xl9xG2z7?format=jpg&name=600x314

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CED) /

Resource Hash

5b62ca3af1edeacc1dac615ca246629493d560465dde909b01fff075169fe24f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 214519
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 32023
x-response-time: 245
surrogate-key: card_img card_img/bucket/6 card_img/1508833964999553025
last-modified: Tue, 29 Mar 2022 15:48:24 GMT
server: ECS (mil/6CED)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2814d36c3873b27bab5e65da06b91fc41037972e601c42588257f10a3375e32c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 VGn_M1gu
pbs.twimg.com/card_img/1508597368832335884/ Frame 70C3 32 KB
32 KB 60ms
60ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1508597368832335884/VGn_M1gu?format=jpg&name=600x314

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE5) /

Resource Hash

9c40b0d8d543ab82da891bdf85bd21d1537c6d45cdfe8c457be40b2370f2e177

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 270965
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 32371
x-response-time: 265
surrogate-key: card_img card_img/bucket/2 card_img/1508597368832335884
last-modified: Tue, 29 Mar 2022 00:08:15 GMT
server: ECS (mil/6CE5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 854b4a72cd2960e41d167d692cb1e92d10558d282046c003cbc5906804755bdb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 pxusr.gif
c.aaxads.com/ 43 B
205 B 38ms
38ms Image
image/gif 23.205.241.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/pxusr.gif

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-241-117.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
last-modified: Mon, 26 Feb 2018 13:29:58 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: image/gif
cache-control: max-age=273114
accept-ranges: bytes
content-length: 43
expires: Mon, 04 Apr 2022 07:19:37 GMT

GET
H/1.1 200
OK pxext.gif
www.aaxdetect.com/ 43 B
324 B 148ms
30ms Image
image/gif 23.205.239.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aaxdetect.com/pxext.gif
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.239.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-239-15.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 03:27:43 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=1165745
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 14 Apr 2022 15:16:48 GMT

GET
H2 200 oRoBBZ1J
pbs.twimg.com/card_img/1508524563415670791/ Frame 70C3 41 KB
41 KB 52ms
52ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1508524563415670791/oRoBBZ1J?format=jpg&name=600x314

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF8) /

Resource Hash

a15aba7bd5cf7c7ff829f84b579e44c1cacf577761fac537416e46bfe33260c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
age: 288310
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 42050
x-response-time: 255
surrogate-key: card_img card_img/bucket/7 card_img/1508524563415670791
last-modified: Mon, 28 Mar 2022 19:18:57 GMT
server: ECS (mil/6CF8)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6696a7a91b9f3401dd0e874ae6cee651c54b0a9b5bc886657c5ebb57c7be0ea1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 163A 624 B
300 B 36ms
35ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPLhgcsCEInDn9ACGNCfscABMAE&v=APEucNUDD8O2UO4YA3LP_7yVnJQXRWyQdMJ9dkFzJJCHYFXxt63ZmyOVbGWIevThePCgNFOh_aac9yETEpOStKDoIhhhLWbGIsmHBgmu5QUJQvuEz6XTCRbkwUNv3XRnGw-fRvcC_d5A7xtsks9Qd7cETsGxS0NR_emRXO8laHDUtLAHYSPB34U

Requested by

Host: 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
URL: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 03:27:43 GMT
expires: Fri, 01 Apr 2022 03:27:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3E6D 80 KB
33 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbJhCmY9JBCaCk3A_1ErieSfUeJFAyFL3RfwpCkbSABAlqEkYuRPIpod7iYMVP_Fzpezc3EyxJ9OjBWmYMCO_NAF2Eyg&cry=1&dbm_d=AKAmf-D3v4harz7gZRym8jcPqIRkY3z5s0-CNkddJhklG9set_N2XK3p3GhNHqmvFNbnaM_d7JFE19pqtdwljktavMFe5xM3a2qOGAkzTBXdPnd6LCBHGwwY6IYo3JThfbt36Aa-de3gJxHG5nH2SYUiNXUKiyfnHH3NC71JfwBi7yQ6rVHygnuIEeKH6v-QNwBz-IwQtTghAj7JSlB-1SdZII5u7W2xjF8AHqa_teQtQmWWnr-35YaoHDvich45oL1weEPUJzTdRlOX7p-EEr_gq5iE9pk7WgJPmkJ5jNDjWU3z9vspeuYj2f6VLE-eOy3UgN0S6evaCA8E2sdr1OJx2FBQ0BK2c9winoQ3Ke4HcIzRGJWg58yctUClkQVmbuVEgOmdxlaWvsr8UAlegV7WPMD0Yz7PXADN8kVU7NM3YVrqtghJ12dBnV1VomJ1Av2Ip1iJnQgPkueNOXgFZrlasO43hqaxv8Hw_SNGyNUFG8beqTzQ0qbcQNRhqL-rhPQFjc91GTYY1lpSYJR0-y6xTBmCUl2W1BUwqZxoZzRKItouu5BdGpbj1pN0Rci3muFXL8wKidq96wAgJqQ2Rvf8W4WCZSvQTKfJv2qtbzv0Pqw5vZomTOcS-LZ52y1NmQL3soINBbjddaGtj5jSPKX_AFcnJ6nHAjJ7XpytSSJJQ5syTXlbgkn7ie__UhsgA0w3FBWS6UEPpA_v1GPHLXSIUGhqbRujU75C576X2T7xFySt1Um2aFdgxtkoiEnHU6YeRrlP2MArQkodi2h6EquWGcQ-k9JvIX18tD1G1azAC-GX5OhfcFpNjzwUyWfOnICNpkjObMXCaymj6CdytyDkIV9Zj15JNfg0GVVUOhOJThoiHZO5XeFy2sbSMsQa4-bQaCvMBJ7sve8bQ4Nj1Fjsg7pzfet1_LVKx6s2j41YqiLsZ1d-tRFj4ACPojXMatGPUHZo-KzVD69L85adgk2KfintoDfKsDralilvjkKUntdZyVHk8y1Dv5T42Sd3PVavTl1wDwEgYdsc33G4AbFWeB7G4xP8ebnj6yxVBUoP-s3zzAuT8Ni0Bf723bTD5poW47LsnRfJRQgcrTSLl-NIXrjDtyKHk64hLc_Tq8iBjW1KW1AQ8cJRT2S6ncqy77B0Ab8pxfpM7YL1nsidJhJv9JaqRBbUL7e1qOS2uphy7bLBwQrmVwXy2_fLgM9dUKvk6yty9t4wDEbeHij-EeFOlKyXzQLX5rRZb-f9fDA1Ud1kIBJZnSKemtrq-hnzmEJKUNg6yEku5wImWUoKvAF4ooyY8gGHSk0yIvZlrwpEAAE6YZs5F_qzM4ceQLAfuFJkFgUsCVbynQV_w6QpXzvLxZemwiUqMOeAJG24KMg7QTQoEa36kPqyGoL8NRtaVpDpcMTLGpXr8UBkrqkyCcLtdMnJHpfFU1ekrbICLwyC2mBQjoChuUD05Tr4g-llAIYD7CC-Ww3Do7PH-BoTorh88p7wuHWbWDFMI0zOuwN5LnJoVDrNMZSmoUdQnkvE-tgMrosULpivicVHt3pUw0pcNyQHhoPEWfJxkKaBANNpvPquEDfA7w49QoYbsRa_f7-35pYBQ1DBmwub4OSNnEVBzi7RLPhSURyxbR-AAettxzONsqd94_Rzw4-4Dfb0Zh8GrQFG3Zx8CQQ4vBTCab_NBHyPyvdqTfC7s-CnOoJWzTSSQiclAwVvVJtPnztcoPXiX5MWUK8ndkao5LDXYZ_YWNHasYZTNcoCIF6IksoCYU_1GbL1oVnyQtp-6D_h6HILDXkVU8JvQ2vps3pppKj96YOIKYgtPKrs4YJC0tQn8An_cJNLaIWNVZJVocP9Fk9Yv5FG7dMGwFpPVLoVDuWhBn4_lXCt5WrXR7juIcFbc95NIdIL5j1PPAH2UCyhNzVtZcNAr1QHuVGWTLjNfVYtIXOSOjseEQsiz1UbfT1NlOwZQNY0MhpB7CUaUhJut15U92naYScbRakRRQUUEuFNNhghHNO5x6gT-6YuTDyXprP7XD21GnC8vITKC_q1lboNVZxWtREsFh5uhClXJ-p0Mrmfypk3RskAQKVN6Y376qXswETgtmLSDh-q7RRro49jD-SKUy4HxKx0S_wtOySGN8Nh61B0OCbpvcTRlJ6nkJtG-CzTUQ43FuZm4wdVLuobancsPdrwTUS0dUqiS4_InDEdaW8dW66tl2rfyKbr2lnK3coeDq-_0ZCdacw9j47_DJwP908rNOgTLDQX3FClWI-p4Kbe6JlDehvyvJzkoGgr-lNNQKLqmdaVHQfZRwWqAv1XN2JwbvJOvPXgQ-AEwT-wq0xwJPZf20b3E4b6w_o5deBYlStt4xXli2C6zQ4lGMpAtvIbtMbkoUi5XmhnzRjfZJki3T_zuKtp7ZjGUfdb0e0LltaoN88-Oak0bmyZyMbGYAeaqwgFc1d-SptZ5jKGilczpxOmPJZgxhym5UYKYBwSRTystcq2C-kzpCf5qxgIP6QUDAQoZgnM1UD0cWGJWy5mfLze3kKPmOQBZ8tkiC8_249gNtg4DqzYnnrtwPtXPcqaqnzSlrbxdvilW_9kpHC3il72QWTSbTWBt2dIVuqujhErGcnv7qA_b7cC0LBxhJCxKBmmvGxc2MiNe_Ro-T-H4IiBRYDUA1GXVb2dYuxLbmYpDt7AHPzssmgy9JDQdPTP9Uf2xjcXp7flg6c7TwweY4-ziuT0T-gbzn5PxwHIDTlBvMH6gbA0WcjcYzLdKOSYmswEnGRVxX4RbNNWW8QSdaPIKQiCcjBML8aHrVsh6ZBN9b5PxRPRMhR3hzob8Ct-wcnWvk1oCA2sKM8TXX--n1epVwX_JZRruLbRfJ9aWUaAaH91nDRHQRgXcXawpX0UzswNYvlcP4RN7UrC-VMAMMGQF9C3cJjsODzY8ezJqyrGav3soAABhsqW2YJ8b7fd78-gY1ok0RE2bSZJEh5-7Nk2R6KppQrOw5GNDonML4YyBcM66iGFjJ0JuQOspivr2HwY3BA45VLH1eB8BqgmTvANxNEtN20lr6hYoujr0CIYKe149IC_a5tQDSv3s97ulJR8YBYAwS6UA9HtrPyyPngxVq9FWu6cxzfDCaB3mx42_MtgBbPggMdwk43QHfw1lE_laUp_rBeWZVthEAYgHpp6IvTawMfMVJNf3TQzUNZVuyq5Z6xwhDOVOARvabUaxoq8cLwrS4zD_VoLNrdiU7sjTwKgdb63RvtiMxm5MsDnohvByB6N2kwvPy6PGaxzW2MG292wpYmqs5QvqAQIlg&cid=CAASJ-RoTFyNKWmjKU8N2c59NReaSnMuErwHVgI910BA59ntDod2RkrroQ&rfl=1%2Chttps%253A%252F%252Ftbdailynews.com%252F%240

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be00b39d31946af26a7f6c23c253ccf6b91ff1b49fd08c27271a0f125cd3d7ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33482
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E6D 42 B
494 B 121ms
61ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AboGQnUQEs2bXq1ubjhzFiCPF7KLT5bnZzAtqBxpLxpMfvlc2wLOQmtp5Lk3LEla5yha0AzGHECyjihP5GVX6JmqnbAh-wZ9rniFpZCbwkYMaVuFo

Requested by

Host: 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
URL: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 3E6D 2 KB
1 KB 89ms
29ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
URL: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 01:56:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E6D 119 KB
37 KB 99ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
URL: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Apr 2022 03:27:43 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 3E6D 15 KB
7 KB 84ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
URL: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 03:21:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3E6D 0
0 70ms
35ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwQ07mw5nf25NZCEkCEjkhfnL_viqVhc7K9vFTwa8n83UYZiNFZur59d3Eqe1AYKOY3uTfY0Wlb3AP3m6xlJ2uTlJygw
Requested by: Host: 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
URL: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 3E6D 68 B
345 B 129ms
26ms Image
image/png 18.195.92.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31fvhik8c0&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIyNTkwMDI2ODcxL0ZBTDAyTS9GQUwwMk0tRERBLkIiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTQ5N2Y1NDU1LTExYWUtNDUyMS1hYjViLTVjMjg4ZWVmMGE4OSJ9fQ%3D%3D&sb=undefined&cb=5609354&h=tbdailynews.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
URL: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.92.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-92-214.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:43 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 container.html Show response
21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C2C9 6 KB
3 KB 23ms
23ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 03:27:43 GMT
expires: Sat, 01 Apr 2023 03:27:43 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 163A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL85tEDjflcfh_9XNACvnVU&google_cver=1

43 B
1014 B

64ms
38ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL85tEDjflcfh_9XNACvnVU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPLhgcsCEInDn9ACGNCfscABMAE&v=APEucNUDD8O2UO4YA3LP_7yVnJQXRWyQdMJ9dkFzJJCHYFXxt63ZmyOVbGWIevThePCgNFOh_aac9yETEpOStKDoIhhhLWbGIsmHBgmu5QUJQvuEz6XTCRbkwUNv3XRnGw-fRvcC_d5A7xtsks9Qd7cETsGxS0NR_emRXO8laHDUtLAHYSPB34U
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 01 Apr 2022 03:27:43 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL85tEDjflcfh_9XNACvnVU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 163A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkZxLyAnU9U4Byqgrv5O1wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiIgZucmQ9K4SLl3ngb0-I&google_cver=1

43 B
894 B

44ms
44ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiIgZucmQ9K4SLl3ngb0-I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPLhgcsCEInDn9ACGNCfscABMAE&v=APEucNUDD8O2UO4YA3LP_7yVnJQXRWyQdMJ9dkFzJJCHYFXxt63ZmyOVbGWIevThePCgNFOh_aac9yETEpOStKDoIhhhLWbGIsmHBgmu5QUJQvuEz6XTCRbkwUNv3XRnGw-fRvcC_d5A7xtsks9Qd7cETsGxS0NR_emRXO8laHDUtLAHYSPB34U
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 01 Apr 2022 03:27:43 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiIgZucmQ9K4SLl3ngb0-I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 163A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKmNPRo7928p5wNcCy6ls0U&google_cver=1

43 B
1016 B

23ms
23ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKmNPRo7928p5wNcCy6ls0U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPLhgcsCEInDn9ACGNCfscABMAE&v=APEucNUDD8O2UO4YA3LP_7yVnJQXRWyQdMJ9dkFzJJCHYFXxt63ZmyOVbGWIevThePCgNFOh_aac9yETEpOStKDoIhhhLWbGIsmHBgmu5QUJQvuEz6XTCRbkwUNv3XRnGw-fRvcC_d5A7xtsks9Qd7cETsGxS0NR_emRXO8laHDUtLAHYSPB34U

Protocol

HTTP/1.1

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:43 GMT
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8ff53467-5979-42d1-8c2b-af2dadad73a4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKmNPRo7928p5wNcCy6ls0U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 163A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MTQ0MzM5OTA4MjAwMDg1NQ%3D%3D

170 B
243 B

69ms
39ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MTQ0MzM5OTA4MjAwMDg1NQ%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:43 GMT
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 00ee47de-65d4-446c-9885-d9723998aa1a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MTQ0MzM5OTA4MjAwMDg1NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A692 624 B
297 B 39ms
39ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-o9AEQtYHOAhibyrrEATAB&v=APEucNViNM8GAs7Z1yd2J6tt3oSK9WJGZCF6XjLomryJE2yuLxvkfhGWhUF3SRsMwtFd__LRsqqMphj0jqwUWoUbHMeA8tjEgBPzoygC5lHkyP0oT_s3oCH6mDKUrU0-zlzWvuzc1iCR_oLr_0y9ikbUHmnC0Z5___bayo2vhqJ6syy_cdHNaOM

Requested by

Host: 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
URL: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 03:27:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C2C9 60 KB
30 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CrtBJWvDerwu3zbjDBpAIqRe_VMkjU1rNQg3_7_l7JMITzI_3-8ikORTh_JW8KbNE8bCNBRC4iEzISRGOXOhlEKwJsDQ&cry=1&dbm_d=AKAmf-CuJOVn6G7gaG1RhHW47a0v2_4t8sPBAooqrL9c4MMUeUmTm6g1D0f8Z2r0S3CzLxHq4OaXKz9cR78ChwgW60L3czwu-Km-Dtf-5oAjti6S1rknJTMi4PB3N-_HEyGwi1hrdhi2epraBAKBCnI86u5MnaFQTMs_G3mLMl0V7b3wfvL0Fak7kJOKmbwZt8vvWBFIbMfNwoM-PqWAk6XxqioB1Zo8h2-ZTJF9fK6U3OZSPDf8ZD-jED5bZCMbxHb8fHYEIJtF8wDj1ISAURdhXjim3AdcEStxn19TDOHvlhiHEsbKvgqRo7L-2ol0TDu14Uwe9FzvDCtY-ydycrTIOGlVVtmKEUpH2-zWQd6srBhasa3O1ZISOfbdFSjDbEe7f__EGGe9emeUrGzlVCsWRw50XXNwwPoXL5Q9leNRAfBOXPLjOo-etGEt1ON-Gi6upLOJSHjcLiHYXAY4mP68sEipRG94DE2WDFZ1nYkeI0d_dhvAUp7a3eeyfE1J_-dgqJjMgl-cgxeUMRZ4irs3tuT9JsvgptghMz6W5tQVhivIJZ0L0mwro8ZKKn9Aadt03-aGTvfAZxm2331owagoRTRC1FeOaLmbNrXW342Wu2VcwC-Z_LyA-nzKJ3HRquWNQcH3AdNbYRyPCpHr2mx4s8VSG6P4bQZ_k6n8Ln7x_03CLsm6lrS2xwFN3xq3XLtrhcISFTfZZOXcstRuokY4nFAuTqXP-iXg9LJBuWYKzA1Ir3cTkKh1gtDzpQNti6Dj9aGEXea0nUiFzMaLUN_cXngvbeCJZYXFTGRAS5Xe_gyzrLMIHRBEsPsv_VlkX9WOExO2iJ2hRQO0paJfpDnENuaMdOfRFvj2xRjEr99yeuBVIBShL6YXCEpY6uk3SOrcu5afkmSbbdOTauLtNT756yQtUpchEEpsqa_2qsmYsEy66MlrJ4VWnp8eHsB1DpFX5wyDmc_-L_QcT1n4z63N-kNr56yoSXPjA1JoCoQewwnUMocPF_8HNC5s1C9UIb360xX4Ob2RodDCG71B11nQ9ZzLeS4u-8QxnzEAmEx6oypNuf29bP76fX9uRgI2b0dtOnFhyUgtu9j_d5mDMGQwTRshlTRG0m4CMO4z4OKNOLthU1VvBH5sfWf8qAyqdFx7qdZiIV6NS5gORL695I-X50zPUs1qjCAEzDQeae03_2WsPXgfaRflAOQqzRMqIyK9Q5iYv-1qtVG131VT1JFFYG9kid7giqHtoA9rsJgkMP_E2O-8t05JUUURTNK3N93YG5bR-x9GIb3fGa7ZeCFkQn0RHf1O9TXeJv24T_dlVt1V4K4rYBzoEoUxQXWEJS3TtUWt-foqjqK2mj8QSMKjmnIwdsb_4x4dgZ7TFMv9a_98MwVOmPERjrsCfGeEVcXHqMY_XKZUYc0qMTMqMNYybK7dU1Yp_jKEHORPv8GUAJHxAvd_02mgSiVLb6ddg3wjT5NukO96Dp9IxsjhPk-L34R7Sscd8WmFTDwh99pViPnMNNkMio1eVYRyqteVyElvMEPmW3CEhDn0vBU-hDb839rNMXBBlakTwTA7Jrw_lAGm_nc015MdDeGW6cK8HxE1slcZrFAgMoRpEpPQ-HH-1l1ywiFghfnOvQlheNdPTKOddwfRkdn87UAxcj2EkKVF28gUH90Aean5WTs5elaqbqjzIx6yBx1M6v_AlnBKsoPPVOHXCBqyE51fmpg20oM43wj-GO8cyLVrnCLrEEmOewytlPhf5HzGRyWGU-xHMY8olIMAfhxZypByjYVy6LM-N4Lg5r2UTwTdezClcXRcCdLrelxhrntb9nz8x599sz9FJ5dDZOJIM7euN-AAEHx4qTcjSR0tzG_CZfMKTJstrTBPw2cl6EYVRwn2XB602Ah8ncErdPmZHfZ36fnv9rrhdNZhNosBMTmgpnlCxEKunerzffPFb-ypnkEJsfo9CFNEM2VGVE5Z5AXWXKeB2GWCvxTftpEBavhYEezihVkvWZq8r9u5pfKwUxRSRFxFrFWGNAdAjQZ_G1X6EUlJyj0tnpQKOhcehre4mETPdYyCZl7HSQ6EIsnr5LhLjKnObbiCOZQwXHNt5pKwApyw-Ll421vFi8rKcNln-HBdeByYnK8KbwrAqhniDWaaNoLh1HuAjIsDBw9XTRaZOxuSILe6Bzp-f0JvlrCrC1ZTnfPes4BGXu2hA1_Z1pXx8Oq6wq5yD_NbhqnJf9qCh9qwa9723CKq3VWC_klj3n9kv4hKEUW0suPrVJnmMUh_iP6X7mqFYBpPNw0B_9H4Wpd3lIVVvXXbhc0kyxvTnIBlozrqxHVUrur4GGuSAqnsoujSz3EHfwUr89IQkU7by_VN-Q6CeGeTaDk7w8AYCbEv5kWrkOzNzbeFbSFBsPYKFcaLjqdmLBDHaeaY4biZjSmYuZUSAndvTWF_smoqcmKcBsvDM9TuJ8L64tJhq5jkyDJnmKJn_3mLQcdscKXXS1TtAxw6t87XY4cRCpJ3BoA9RIKBeUHrySO9Diyc7h9ve7LFU4w7iTD9kC-Rjg4Bms6bsQKmpDRVoHq_b7Bj-AEKyTyqtCacdp3JUDpCQKVncjI8xyzXbv7r7fYQpevtCOkXunxr_nO1PW79Ky4COpQTY_BSfxqbb2jMuOcsCdl5wvmOv85mp15cAOYT_SHtKDY8TtmJPNWXeMu70uWQnOwbI-LAr9BSmvWOn6s0fnoTNnyjnr0dOskswWVwodRl95-wk7a3lzmCy978HyB2uO0_oHN2-pAsKjJRrM-9g90p4nrgXBPi2gJGMjQx2GCXpPM_KFfRd4n-6wac1blX66G2KhFyI7KFGOt8h4ye_hdCBlrP4J7afTyzf8OcT2m9az_ZA1jrHITr5C3T3J_AULDS5L-plgcrGt7BgZxbq_4BWC6ccF9voJrwcb5o7gZ799FTufvjz7KI1gcoebxM25oT9f4nmUeC0lO8bXgT_INOZu8l_ZNPLKykKi4ZEcukIO8ujihIlVVym6ssfGc94QBam7ULQ6VoGNaZPt3qh1F2IA9CqSfxkGJXifhd6P7CU0GX00D8Iy6Z9y9xy47FFOwZPiyRWb6_9eUqLfdh4phxzVFX1zYeADmmY47UBtIUebkKLwieh1wgLLGMdNJlk7wlqDgWuEcKPNZZz21D6aSbOogE53hF-zHDEcareARgnPI5v-bYy7P0hsUETmMHfXk7qhnskAdtbNDiPup0DKuc2K2MnmyNBGouRnVqVYBhton4aqNP3IVVK_p1&cid=CAASJ-RotpX0RbPlB5jozheHAukcPrD8qci3efZlzDP-t0d3QbP-ledCbQ&rfl=1%2Chttps%253A%252F%252Ftbdailynews.com%252F%240

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46936a930b6fec428a5a2f5eeb4e02ce6fd302ab84b5f9aa3f35f003d9a05de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30389
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2C9 42 B
107 B 60ms
58ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AGOLHKDc80hYM4Y3F2-GUwwnvZXmsMDxPQ7thJDqooAOWZXUh2Q23kwlR--bVBLPiarLfP2YmwSOb7XDNxZHbhCxPcuSfE-jkpun-20fDXrD7VVIU

Requested by

Host: 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
URL: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame C2C9 2 KB
1 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
URL: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 01:56:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C2C9 119 KB
36 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
URL: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Apr 2022 03:27:43 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame C2C9 15 KB
6 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
URL: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 03:21:05 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame C2C9 68 B
345 B 80ms
30ms Image
image/png 18.195.92.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDYwMA==&v=5&s=v31fvhik8eg&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIyNTkwMDI2ODcxL0ZBTDAyTS9GQUwwMk0tRERSLkEiLCJ5IjowLCJjbyI6MCwicyI6Im1tdC02NzZlOWFjNi04Y2YzLTQ5ZTItODY2YS03M2YzOWExMjk0Y2MifX0%3D&sb=undefined&cb=8558551&h=tbdailynews.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by: Host: 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
URL: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.92.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-92-214.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:43 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 log
l3.aaxads.com/ 35 B
194 B 63ms
33ms Image
image/gif 23.205.241.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&dgw=desktop&flg=AAX8RN661&fw=FRANKFURT&ff=DE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=tbdailynews.com&vhuyqdph=ssp-serving-786fddd9c8-m4ptq&vyu=033111_338_033109_305_ssp&vf=HE&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001648783663392036448888321640&vvsDeExfnhw=CONTROL&oz=0&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_gcp_w&deg=2&fdeg=2&gdeg=2&ghqg=0&fhqg=0&hqg=0&gvwduw=0&fvwduw=0&vwduw=0&uhtxuo=https%3A%2F%2Ftbdailynews.com%2F&nzui=
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-241-117.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:43 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 01 Apr 2022 03:27:43 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 3E6D 106 KB
38 KB 78ms
23ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
Origin: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45960
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Apr 2022 14:41:43 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/ Frame 3E6D 8 KB
3 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/omrhp.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 03:26:18 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 3E6D 25 KB
10 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 03:25:19 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A692
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiIgZucmQ9K4SLl3ngb0-I&google_cver=1

43 B
1014 B

76ms
42ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiIgZucmQ9K4SLl3ngb0-I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-o9AEQtYHOAhibyrrEATAB&v=APEucNViNM8GAs7Z1yd2J6tt3oSK9WJGZCF6XjLomryJE2yuLxvkfhGWhUF3SRsMwtFd__LRsqqMphj0jqwUWoUbHMeA8tjEgBPzoygC5lHkyP0oT_s3oCH6mDKUrU0-zlzWvuzc1iCR_oLr_0y9ikbUHmnC0Z5___bayo2vhqJ6syy_cdHNaOM
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 01 Apr 2022 03:27:43 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiIgZucmQ9K4SLl3ngb0-I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A692
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkZxLyAnU9U4Byqgrv5O2AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiIgZucmQ9K4SLl3ngb0-I&google_cver=1

43 B
894 B

44ms
44ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiIgZucmQ9K4SLl3ngb0-I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-o9AEQtYHOAhibyrrEATAB&v=APEucNViNM8GAs7Z1yd2J6tt3oSK9WJGZCF6XjLomryJE2yuLxvkfhGWhUF3SRsMwtFd__LRsqqMphj0jqwUWoUbHMeA8tjEgBPzoygC5lHkyP0oT_s3oCH6mDKUrU0-zlzWvuzc1iCR_oLr_0y9ikbUHmnC0Z5___bayo2vhqJ6syy_cdHNaOM
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 01 Apr 2022 03:27:43 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiIgZucmQ9K4SLl3ngb0-I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A692
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPfr-pPqVw29s4ENi4JB4wc&google_cver=1

43 B
1016 B

27ms
26ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPfr-pPqVw29s4ENi4JB4wc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-o9AEQtYHOAhibyrrEATAB&v=APEucNViNM8GAs7Z1yd2J6tt3oSK9WJGZCF6XjLomryJE2yuLxvkfhGWhUF3SRsMwtFd__LRsqqMphj0jqwUWoUbHMeA8tjEgBPzoygC5lHkyP0oT_s3oCH6mDKUrU0-zlzWvuzc1iCR_oLr_0y9ikbUHmnC0Z5___bayo2vhqJ6syy_cdHNaOM

Protocol

HTTP/1.1

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:43 GMT
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1e82fd6e-03e0-476f-afd5-e6c07d45de1c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPfr-pPqVw29s4ENi4JB4wc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A692
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MTQ0MzM5OTA4MjAwMDg1NQ%3D%3D

170 B
188 B

64ms
32ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MTQ0MzM5OTA4MjAwMDg1NQ%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:43 GMT
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4e5de0e4-b31f-496d-aa23-aed93cb9a2ba
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MTQ0MzM5OTA4MjAwMDg1NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3E6D 41 KB
15 KB 197ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 13:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 13:41:03 GMT

GET
DATA 200
OK truncated
/ Frame 3E6D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1142a5ccd317daaf2a3b85aa88155dd43ad2fd1e70ba9a44e4d01b50682ac802

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame C2C9 25 KB
9 KB 53ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 03:25:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/ Frame C2C9 8 KB
3 KB 48ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/omrhp.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 03:26:18 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C2C9 0
64 B 178ms
58ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu3qbfcIdkdTbedoTzlL38jbWQFiTHxzeh5850LzGS-uXII6HYf-i3L5zxidgmHkj4rprzwfPv88N4_8bXydFPdecp7sa4f3F_TGuGwxPbAnpB0KBZBUb7jHTD9oVPWTVlX-pQN0wIBRzQTAdPY0S3EuGZDGlqHU1DJYVlVNxvZrOxNsSrWGSGTIqD_Yum1Rx8yCW9BaNKE0WduIztg1ZpjqDESgH0nuKxu6TWbD_CA17G_-NaRfcbRN-nXkKAt6HoxJjfJnT-RIsU_sxpycOsv6IVVre0cWB-yaBxFk92YPhxzLolGFySsawjaKr2bqdctgi_Eud8dktBqgTJyP7r0D4Jw6POwLL5AbgRJhbcxsGoA37Q53Rvvpf7Hgw8ukFFeSJYMk5_S9HTjMWqVJ4JfRCusubbqoxePQ_s93S8_ZtlYnrqYMmN-Me6rmVhp8XyzjQWTdZqyt6IWycQzhezeNO9wN5J8wzKshfhnEQkPIns2tfz77-mdUDOaynwHvtc_f2yhgfqMF1FnMjmc2KhJwNuphwmRnJSClr0bNsMPCcNtmRWtrciRLuOhghW8pu-0TVIkrj6a2nz-oHsqIJyNPtPejwpVTO2ClG1yuZ_nSljStdzyddR5Thv167pwryD5fsenwRa75gPI9qUsTwWofnvuSRpR0cLRBtbpRGQGHznn_bznHC_bMiq4Dez_zXCCvBjGMsMNPP7j_jPr9vt5NShW7YrKjsDOIDjWQKw5yBNVHurUSq9_Jbwx-KiksnM8Uu-YcY00f_HK_vihO2E5T3757kNu9hjxZQ3vLav-SEkoVAze3OwTiYHZTZXp_EwUGAwrmahtQQ3AHiZcyFoN-KD4ZMaInhnk2NS6JOt_esK96OzEgyspmoZvvH58u_csJ8zIwUN8AaQExxy4poebjhK_cp-xFf1R8sc-dByiwba7b52V4LFXXWZ5X2KcricwfNJNmO4F6DcXKS8vTzBrO4_VofbF47MTijOeaFCbejTIaE4Izvz1748ujzVhfkCXy3CzzXETj5bQLojfLlRSsPUy4dZ_dmEv7y6r0Dx1yBTpMjrJY1g-pmLGEL3C6c2HXstPnICZekn5rkxIRG-ocn4AvBu2D9Wh5KqZdWQGB3oz8tLrZE2SjkMuZiOL9FBr59Ycu40-y7I7KVRJUFE0rxZS_B2sgdDS_Qs2FeZhIKxM_Yj-WbDl-lOlQkNrp-4r45LllWFYtPhFQ2oYsx9WgHhxpWtBBTrkzURWha_tay1grkLrX89FEmnEkg&sai=AMfl-YQoZ9ePC2EHAqeZNJUnK9kOuOpG5g9jfleU_ia6ZCA6IcDsXEXc2e3hg3EDqcelSB-jXd26W14elXC1mQtVebh9RAHQuBLhWzJJ4-Q1m5IjSUT1nGD1URJeWaR1jiSYoQmpHUZOoO62NFEZok9vE3JBEnT6KmgI0wnW0U6iSnqJbZveUG8cjjjPrKj8-TcnY1uSkMkqtFX9z-LVP-bqNznoIWqM3Yc&sig=Cg0ArKJSzFUvilZVGZnBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220330.22959&adurl=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CrtBJWvDerwu3zbjDBpAIqRe_VMkjU1rNQg3_7_l7JMITzI_3-8ikORTh_JW8KbNE8bCNBRC4iEzISRGOXOhlEKwJsDQ&cry=1&dbm_d=AKAmf-CuJOVn6G7gaG1RhHW47a0v2_4t8sPBAooqrL9c4MMUeUmTm6g1D0f8Z2r0S3CzLxHq4OaXKz9cR78ChwgW60L3czwu-Km-Dtf-5oAjti6S1rknJTMi4PB3N-_HEyGwi1hrdhi2epraBAKBCnI86u5MnaFQTMs_G3mLMl0V7b3wfvL0Fak7kJOKmbwZt8vvWBFIbMfNwoM-PqWAk6XxqioB1Zo8h2-ZTJF9fK6U3OZSPDf8ZD-jED5bZCMbxHb8fHYEIJtF8wDj1ISAURdhXjim3AdcEStxn19TDOHvlhiHEsbKvgqRo7L-2ol0TDu14Uwe9FzvDCtY-ydycrTIOGlVVtmKEUpH2-zWQd6srBhasa3O1ZISOfbdFSjDbEe7f__EGGe9emeUrGzlVCsWRw50XXNwwPoXL5Q9leNRAfBOXPLjOo-etGEt1ON-Gi6upLOJSHjcLiHYXAY4mP68sEipRG94DE2WDFZ1nYkeI0d_dhvAUp7a3eeyfE1J_-dgqJjMgl-cgxeUMRZ4irs3tuT9JsvgptghMz6W5tQVhivIJZ0L0mwro8ZKKn9Aadt03-aGTvfAZxm2331owagoRTRC1FeOaLmbNrXW342Wu2VcwC-Z_LyA-nzKJ3HRquWNQcH3AdNbYRyPCpHr2mx4s8VSG6P4bQZ_k6n8Ln7x_03CLsm6lrS2xwFN3xq3XLtrhcISFTfZZOXcstRuokY4nFAuTqXP-iXg9LJBuWYKzA1Ir3cTkKh1gtDzpQNti6Dj9aGEXea0nUiFzMaLUN_cXngvbeCJZYXFTGRAS5Xe_gyzrLMIHRBEsPsv_VlkX9WOExO2iJ2hRQO0paJfpDnENuaMdOfRFvj2xRjEr99yeuBVIBShL6YXCEpY6uk3SOrcu5afkmSbbdOTauLtNT756yQtUpchEEpsqa_2qsmYsEy66MlrJ4VWnp8eHsB1DpFX5wyDmc_-L_QcT1n4z63N-kNr56yoSXPjA1JoCoQewwnUMocPF_8HNC5s1C9UIb360xX4Ob2RodDCG71B11nQ9ZzLeS4u-8QxnzEAmEx6oypNuf29bP76fX9uRgI2b0dtOnFhyUgtu9j_d5mDMGQwTRshlTRG0m4CMO4z4OKNOLthU1VvBH5sfWf8qAyqdFx7qdZiIV6NS5gORL695I-X50zPUs1qjCAEzDQeae03_2WsPXgfaRflAOQqzRMqIyK9Q5iYv-1qtVG131VT1JFFYG9kid7giqHtoA9rsJgkMP_E2O-8t05JUUURTNK3N93YG5bR-x9GIb3fGa7ZeCFkQn0RHf1O9TXeJv24T_dlVt1V4K4rYBzoEoUxQXWEJS3TtUWt-foqjqK2mj8QSMKjmnIwdsb_4x4dgZ7TFMv9a_98MwVOmPERjrsCfGeEVcXHqMY_XKZUYc0qMTMqMNYybK7dU1Yp_jKEHORPv8GUAJHxAvd_02mgSiVLb6ddg3wjT5NukO96Dp9IxsjhPk-L34R7Sscd8WmFTDwh99pViPnMNNkMio1eVYRyqteVyElvMEPmW3CEhDn0vBU-hDb839rNMXBBlakTwTA7Jrw_lAGm_nc015MdDeGW6cK8HxE1slcZrFAgMoRpEpPQ-HH-1l1ywiFghfnOvQlheNdPTKOddwfRkdn87UAxcj2EkKVF28gUH90Aean5WTs5elaqbqjzIx6yBx1M6v_AlnBKsoPPVOHXCBqyE51fmpg20oM43wj-GO8cyLVrnCLrEEmOewytlPhf5HzGRyWGU-xHMY8olIMAfhxZypByjYVy6LM-N4Lg5r2UTwTdezClcXRcCdLrelxhrntb9nz8x599sz9FJ5dDZOJIM7euN-AAEHx4qTcjSR0tzG_CZfMKTJstrTBPw2cl6EYVRwn2XB602Ah8ncErdPmZHfZ36fnv9rrhdNZhNosBMTmgpnlCxEKunerzffPFb-ypnkEJsfo9CFNEM2VGVE5Z5AXWXKeB2GWCvxTftpEBavhYEezihVkvWZq8r9u5pfKwUxRSRFxFrFWGNAdAjQZ_G1X6EUlJyj0tnpQKOhcehre4mETPdYyCZl7HSQ6EIsnr5LhLjKnObbiCOZQwXHNt5pKwApyw-Ll421vFi8rKcNln-HBdeByYnK8KbwrAqhniDWaaNoLh1HuAjIsDBw9XTRaZOxuSILe6Bzp-f0JvlrCrC1ZTnfPes4BGXu2hA1_Z1pXx8Oq6wq5yD_NbhqnJf9qCh9qwa9723CKq3VWC_klj3n9kv4hKEUW0suPrVJnmMUh_iP6X7mqFYBpPNw0B_9H4Wpd3lIVVvXXbhc0kyxvTnIBlozrqxHVUrur4GGuSAqnsoujSz3EHfwUr89IQkU7by_VN-Q6CeGeTaDk7w8AYCbEv5kWrkOzNzbeFbSFBsPYKFcaLjqdmLBDHaeaY4biZjSmYuZUSAndvTWF_smoqcmKcBsvDM9TuJ8L64tJhq5jkyDJnmKJn_3mLQcdscKXXS1TtAxw6t87XY4cRCpJ3BoA9RIKBeUHrySO9Diyc7h9ve7LFU4w7iTD9kC-Rjg4Bms6bsQKmpDRVoHq_b7Bj-AEKyTyqtCacdp3JUDpCQKVncjI8xyzXbv7r7fYQpevtCOkXunxr_nO1PW79Ky4COpQTY_BSfxqbb2jMuOcsCdl5wvmOv85mp15cAOYT_SHtKDY8TtmJPNWXeMu70uWQnOwbI-LAr9BSmvWOn6s0fnoTNnyjnr0dOskswWVwodRl95-wk7a3lzmCy978HyB2uO0_oHN2-pAsKjJRrM-9g90p4nrgXBPi2gJGMjQx2GCXpPM_KFfRd4n-6wac1blX66G2KhFyI7KFGOt8h4ye_hdCBlrP4J7afTyzf8OcT2m9az_ZA1jrHITr5C3T3J_AULDS5L-plgcrGt7BgZxbq_4BWC6ccF9voJrwcb5o7gZ799FTufvjz7KI1gcoebxM25oT9f4nmUeC0lO8bXgT_INOZu8l_ZNPLKykKi4ZEcukIO8ujihIlVVym6ssfGc94QBam7ULQ6VoGNaZPt3qh1F2IA9CqSfxkGJXifhd6P7CU0GX00D8Iy6Z9y9xy47FFOwZPiyRWb6_9eUqLfdh4phxzVFX1zYeADmmY47UBtIUebkKLwieh1wgLLGMdNJlk7wlqDgWuEcKPNZZz21D6aSbOogE53hF-zHDEcareARgnPI5v-bYy7P0hsUETmMHfXk7qhnskAdtbNDiPup0DKuc2K2MnmyNBGouRnVqVYBhton4aqNP3IVVK_p1&cid=CAASJ-RotpX0RbPlB5jozheHAukcPrD8qci3efZlzDP-t0d3QbP-ledCbQ&rfl=1%2Chttps%253A%252F%252Ftbdailynews.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 01 Apr 2022 03:27:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C2C9 41 KB
15 KB 149ms
32ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 13:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 13:41:03 GMT

GET
H3 200 4234528119814267126
s0.2mdn.net/simgad/ Frame C2C9 366 KB
366 KB 56ms
26ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4234528119814267126

Requested by

Host: 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
URL: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fb1e8bf583f168b7662bc6223550187a0d2be1b154aca92fad6ff377426b802

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 23:36:31 GMT
x-content-type-options: nosniff
age: 273072
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 374587
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 02:36:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Mar 2023 23:36:31 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/ Frame C5EC 5 KB
2 KB 32ms
32ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6875e98eccfa969b1f777965d46e283ad78a15e7d8c02658e3a88faabb1a1635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 590248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1523
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Mar 2022 07:30:15 GMT
expires: Sat, 25 Mar 2023 07:30:15 GMT
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3E6D 0
622 B 159ms
57ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuzRcfajB5ErjFP7BvG2vs6MltV8fdetxgYbLv9MgTfWQUc1Ye347TfgYV6P_39eT8RcyVoyXmgVkz39Lhgr0En_cQ8gAPh__K-VzVCaozkj0u9JbK_Crt8GBMIJW-on7wvrw4ag9ownMToD-aqRvBXr4ZvB5ITr20W24uPj5joXR7I9CW_mDNrGyb-McNJHiGTeukuW7Ldqt_F6HJJc5c-vlFbnDpHIipHIBlKzZa0FSePxz-1f5ejK4tbjimJbSeDUfufTen2EtuXjjaONoogfkRl1UCAQT68OgNmbd0Eyfsq7Uc3NT_747kKs3fu5de96JQ4A4y6g7y4QBkahMwKaesnYDKGyjJVkvb76U7FnjxbiiCw0Rh5jNyPFQMhqH8rIqci_Aj6WyxMp5uCzXoipQX0M9WRC2Je2N3XEkkwnzjXvwd-GA4TMYxudibmRrwgAgQYtoLKplfDSHyzA521ZM2tEGe1u1Lm9xJ1PM17-kDw48fYes_roRqkJV775eePTk6c23y2gnH28UWii1iCoEPclMmgiS9LidumVUVpuQdsoVOr2XLZ17uotZUNoFtWzAVpKjGeRhI5qYJTEW9YeHNL1FgajimY73Sh_UNV9S-k3AERkZQrzI2yvQ1SPUfzsgLJQsGhPV1tyMoZKKF9AD9GA0334U4W4vDHk79i6GvWDrelqEllFUBZu2cw8ESq_jv88yRPtalRzfqkFcJSMp0zN0RWlcIzjyypdbKSm7Ze6Jk7y_D-PO3SpY_UdJ0DLQWWcMlN7wXkoz0Rl86xYBp54e_JkkXLLhYtizAHwcx88b7E0cBj8ZT_S9EoaFDnesjncYZA7c4jC0N93QBhFBAH6j8rYmLT0wg8o9v7zNpr83ZM5HJWBWQeHxQV41-nbMTpCQXI9QvUq99afsZ2CXXOOaqwzb3hLKFXebfOl9ZCS6nxo7FKdtcfHrle1OakilNkgNIj0Rj6YVUCxbqifJDpkv8wqtk-0yegt8vH6q0oz5L4poM0KNIZqI9vH-Dhw6hGloO7oz-VDH4QZFe72xI9-vcGB-lnSZNgwjEs6lXHVK4TMiTZFEsBQDXMth7OZQ7C2n-cV7U5aD6EPBLSB8mu3lhqmSiBsvapR49LXxyzMm6BuY18x-PbJO2_TYanqKf12_74bj0IkJUmF6FvCk_tvBmzwLHKbOfHnyRzQw-TuwLSj4S3Ptu85JHWtgUZl13sEoZO0uCyUyBD8_jWiPUWAGMrF7j2F8wpr5XgDJtcE54Yv0XBrQP-gJCCyQ-6BPtA7MxUcBMAsrF7VZQNJb8WKg&sai=AMfl-YSmLAsoyD4ijELkqsWxxmW7sPAVLjzwnH3RXRsWUVjgCIZ70bLMzh5rcRzbyGvNwSVJ9qEzHS0UgqX8C6Hq0yxD_TjAw_6rkmT49wKdO04liPvhFFjpGnKS2xSQGnc9pa3zKky1ST05_4NenX5C4XwmL4IZPfJnbth7ZrgkTScGq6gIidYY77uE4_2ggq8_1Wpo9sX_2kyfUrEDpQmBdjM-2qjTE0k&sig=Cg0ArKJSzGozNGRzDtSIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=119&cbvp=1&cstd=117&cisv=r20220330.29692&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 01 Apr 2022 03:27:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 3E6D 43 B
869 B 179ms
30ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=stage-dv360&extProvId=300&extPu=stage-dv360&extLi=&extCr=&extPm=&gdpr=&gdpr_consent=&rnd=3825342424

Requested by

Host: 21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
URL: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.91 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 20
Last-Modified: Fr, 01 Apr 2022 03:27:43 GMT
Server: Microsoft-IIS/8.5
Date: Fri, 01 Apr 2022 03:27:43 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-ET-Camp: 990
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C2C9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6b60bf03cd338fa564b412c19aa3225fe44d7347cbab4050219a2afc900d01d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7B90 22 KB
8 KB 26ms
25ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 74096
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 06:52:48 GMT
expires: Fri, 31 Mar 2023 06:52:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B91A 22 KB
8 KB 27ms
27ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 74096
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 06:52:48 GMT
expires: Fri, 31 Mar 2023 06:52:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C2C9 0
26 B 66ms
35ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 03:27:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame E697
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
632 B

38ms
38ms

Document
text/html

2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: tbdailynews.com
URL: https://tbdailynews.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF4) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Accept-Language: de-DE,de;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://tbdailynews.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 27320
Cache-Control: public, max-age=315360000
Content-Length: 80
Content-Type: text/html; charset=utf-8
Date: Fri, 01 Apr 2022 03:27:44 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Thu, 31 Mar 2022 19:50:28 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF4)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ

Redirect headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Fri, 01 Apr 2022 03:27:44 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Fri, 01 Apr 2022 03:27:44 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
status: 302 Found
strict-transport-security: max-age=631138519
x-connection-hash: d0427b5169ab425a910c9331037cb197074d8824c451d99653c7f58814f8690e
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 143
x-transaction: 2162069be19129dc
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 23E6 28 B
56 B 38ms
38ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/449ea0a5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/jp2diXWZLYA
X-YouTube-Client-Version: 1.20220330.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtNbGJuT3QwV2J2dyis4pmSBg%3D%3D
X-YouTube-Ad-Signals: dt=1648783661435&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C720%2C405&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 01 Apr 2022 03:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 01 Apr 2022 03:27:44 GMT

GET
H3 200 ad.css
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/css/ Frame C5EC 496 B
318 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/css/ad.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bc71707fbe3193e4e41505d02a164efe2eca430d46268ec242948d6745c6ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148202
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 10:17:42 GMT

GET
H3 200 tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C5EC 105 KB
35 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35824
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Apr 2022 03:27:44 GMT

GET
H3 200 txt.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 4 KB
4 KB 24ms
23ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/txt.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c30ba59f604fe2d3332767dd1fdfa89bbf0af1e342bae9a2a631f9f9ba7ceb39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:32:07 GMT
x-content-type-options: nosniff
age: 6937
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4144
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Apr 2023 01:32:07 GMT

GET
H3 200 splash_t0.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 2 KB
2 KB 27ms
24ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/splash_t0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

389c6b086678e61a4ea5595034e243863f0e2a4ff4ac463f5b49cb08c3366eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:17:31 GMT
x-content-type-options: nosniff
age: 148213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1721
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 10:17:31 GMT

GET
H3 200 splash_t1.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 1 KB
1 KB 32ms
28ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/splash_t1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e17f5adde2bb1a8558e4c1f29a2187b47c757442c990b7db540ef275367eb39b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:17:31 GMT
x-content-type-options: nosniff
age: 148213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1501
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 10:17:31 GMT

GET
H3 200 splash_t2.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 2 KB
2 KB 32ms
26ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/splash_t2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19fea9e1196f1ccd50a4c9465339ae8ca5850a50c45f8a6080fedff65292d7bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:17:31 GMT
x-content-type-options: nosniff
age: 148213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1599
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 10:17:31 GMT

GET
H3 200 splash_t3.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 1 KB
1 KB 45ms
40ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/splash_t3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f0a53728a9132cc2dd8e854520cca8d7bee46ac8fabad54a8c3fa584360ca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:17:31 GMT
x-content-type-options: nosniff
age: 148213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1427
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 10:17:31 GMT

GET
H3 200 splash_t4.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 2 KB
2 KB 45ms
40ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/splash_t4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edc04e64e8d19044bea7dbb462147f0e9073dde4135faf91a186f6880ecf663c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:17:31 GMT
x-content-type-options: nosniff
age: 148213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1727
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 10:17:31 GMT

GET
H3 200 splash_t5.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 2 KB
2 KB 46ms
41ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/splash_t5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88000280089d4001bbb42af40632d6820f6e18353c9ccc6ff77e6e0b800e3d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:17:31 GMT
x-content-type-options: nosniff
age: 148213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1790
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 10:17:31 GMT

GET
H3 200 splash_t6.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 1 KB
1 KB 45ms
40ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/splash_t6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8e93fa39f0cf73cfb058e2adb35e2b950fd2e05fcf5aca4c04e3565a89404a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:17:31 GMT
x-content-type-options: nosniff
age: 148213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1184
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 10:17:31 GMT

GET
H3 200 txt-msk.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 4 KB
4 KB 56ms
51ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/txt-msk.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3e0a9d4c9545594813bf8164273dc81b7d6156f5c7bb879d9ea874cc5f385fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:17:31 GMT
x-content-type-options: nosniff
age: 148213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4316
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 10:17:31 GMT

GET
H3 200 splash0.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 6 KB
6 KB 56ms
51ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/splash0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbf2066f082a622f93ea349c9292c13165935ef0b703346b80542aeafe24227d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:17:31 GMT
x-content-type-options: nosniff
age: 148213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 10:17:31 GMT

GET
H3 200 splash1.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 6 KB
6 KB 54ms
49ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/splash1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0e4d20b22c320175b6ba3b65f2e860377691c7b886b60e12c9bcfcfd2d96a6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:17:31 GMT
x-content-type-options: nosniff
age: 148213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6065
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 10:17:31 GMT

GET
H3 200 splash2.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 2 KB
2 KB 54ms
50ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/splash2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d5f3e4c420c6afe67cb49e1f7f1fa4f6680d31904331cbd1e1aa731cfb0077f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:08:15 GMT
x-content-type-options: nosniff
age: 551969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2146
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Mar 2023 18:08:15 GMT

GET
H3 200 splash3.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 11 KB
11 KB 48ms
44ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/splash3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc6f478fe16bb9dad73b982009bb0e5989d6f2ae09f887f0cd4e66a10f9dea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:17:31 GMT
x-content-type-options: nosniff
age: 148213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10779
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 10:17:31 GMT

GET
H3 200 splash4.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 3 KB
3 KB 47ms
43ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/splash4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

806858ce09945d92373167142d7d62c5b0b6e91e7b4d265ed3cd27ab7220c81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:34:28 GMT
x-content-type-options: nosniff
age: 6796
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3258
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Apr 2023 01:34:28 GMT

GET
H3 200 splash_2.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 12 KB
12 KB 46ms
42ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/splash_2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f0052ab279b948be05d45f194b76b1dc7b22b5080a868908e248c040b18004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:17:31 GMT
x-content-type-options: nosniff
age: 148213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12309
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 10:17:31 GMT

GET
H3 200 bmg_group.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 30 KB
30 KB 44ms
40ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/bmg_group.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8bfdfcc2a75d027f6657eaa2ae964d0f6e28c0f223d6bbe975e1f79541c76da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:17:31 GMT
x-content-type-options: nosniff
age: 148213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30222
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 10:17:31 GMT

GET
H3 200 logos.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 3 KB
3 KB 46ms
42ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/logos.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f2bb0f96cb5035a0fe5e82a1537777e60eb9bb44e210082904df7fd3405edf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:17:31 GMT
x-content-type-options: nosniff
age: 148213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2577
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 10:17:31 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 8 KB
8 KB 46ms
43ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc333c73d07f9dbebce73a959489503f05b9d1e8157f68e53b8164ce0e7102f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:17:31 GMT
x-content-type-options: nosniff
age: 148213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8583
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 10:17:31 GMT

GET
H3 200 location.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 1 KB
1 KB 55ms
51ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/location.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cadbde1342ff185749c8c3ce51ed30682939a7723d59f151d18adae4a0a191f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 19:35:26 GMT
x-content-type-options: nosniff
age: 28338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1092
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 31 Mar 2023 19:35:26 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/ Frame C5EC 2 KB
2 KB 55ms
51ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/img/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b57ae71e53aa95e1921348011a80d0801ba5f3d2e5542f43cbd3d5ab5ddab67d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:17:31 GMT
x-content-type-options: nosniff
age: 148213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1774
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 10:17:31 GMT

GET
H3 200 ad.js Show response
s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/js/ Frame C5EC 4 KB
1 KB 29ms
29ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/js/ad.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e30ceb08255c9aa6a79b73b589ffd0866cf1242d93e3f916edd842a87600819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3630626241555959143/BMG-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148202
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1220
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 16:51:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 10:17:42 GMT

GET
H3 200 FyXTnIqgf3MR1shnyKQtc5k9nN1KItMFAbgv4xYT2II.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B90 35 KB
13 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FyXTnIqgf3MR1shnyKQtc5k9nN1KItMFAbgv4xYT2II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1725d39c8aa07f7311d6c867c8a42d73993d9cdd4a22d30501b82fe31613d882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 22:49:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13680
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 22:49:48 GMT

GET
H3 200 FyXTnIqgf3MR1shnyKQtc5k9nN1KItMFAbgv4xYT2II.js Show response
pagead2.googlesyndication.com/bg/ Frame B91A 35 KB
13 KB 40ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FyXTnIqgf3MR1shnyKQtc5k9nN1KItMFAbgv4xYT2II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1725d39c8aa07f7311d6c867c8a42d73993d9cdd4a22d30501b82fe31613d882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 22:49:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13680
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 22:49:48 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3E6D 0
26 B 18ms
18ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuzRcfajB5ErjFP7BvG2vs6MltV8fdetxgYbLv9MgTfWQUc1Ye347TfgYV6P_39eT8RcyVoyXmgVkz39Lhgr0En_cQ8gAPh__K-VzVCaozkj0u9JbK_Crt8GBMIJW-on7wvrw4ag9ownMToD-aqRvBXr4ZvB5ITr20W24uPj5joXR7I9CW_mDNrGyb-McNJHiGTeukuW7Ldqt_F6HJJc5c-vlFbnDpHIipHIBlKzZa0FSePxz-1f5ejK4tbjimJbSeDUfufTen2EtuXjjaONoogfkRl1UCAQT68OgNmbd0Eyfsq7Uc3NT_747kKs3fu5de96JQ4A4y6g7y4QBkahMwKaesnYDKGyjJVkvb76U7FnjxbiiCw0Rh5jNyPFQMhqH8rIqci_Aj6WyxMp5uCzXoipQX0M9WRC2Je2N3XEkkwnzjXvwd-GA4TMYxudibmRrwgAgQYtoLKplfDSHyzA521ZM2tEGe1u1Lm9xJ1PM17-kDw48fYes_roRqkJV775eePTk6c23y2gnH28UWii1iCoEPclMmgiS9LidumVUVpuQdsoVOr2XLZ17uotZUNoFtWzAVpKjGeRhI5qYJTEW9YeHNL1FgajimY73Sh_UNV9S-k3AERkZQrzI2yvQ1SPUfzsgLJQsGhPV1tyMoZKKF9AD9GA0334U4W4vDHk79i6GvWDrelqEllFUBZu2cw8ESq_jv88yRPtalRzfqkFcJSMp0zN0RWlcIzjyypdbKSm7Ze6Jk7y_D-PO3SpY_UdJ0DLQWWcMlN7wXkoz0Rl86xYBp54e_JkkXLLhYtizAHwcx88b7E0cBj8ZT_S9EoaFDnesjncYZA7c4jC0N93QBhFBAH6j8rYmLT0wg8o9v7zNpr83ZM5HJWBWQeHxQV41-nbMTpCQXI9QvUq99afsZ2CXXOOaqwzb3hLKFXebfOl9ZCS6nxo7FKdtcfHrle1OakilNkgNIj0Rj6YVUCxbqifJDpkv8wqtk-0yegt8vH6q0oz5L4poM0KNIZqI9vH-Dhw6hGloO7oz-VDH4QZFe72xI9-vcGB-lnSZNgwjEs6lXHVK4TMiTZFEsBQDXMth7OZQ7C2n-cV7U5aD6EPBLSB8mu3lhqmSiBsvapR49LXxyzMm6BuY18x-PbJO2_TYanqKf12_74bj0IkJUmF6FvCk_tvBmzwLHKbOfHnyRzQw-TuwLSj4S3Ptu85JHWtgUZl13sEoZO0uCyUyBD8_jWiPUWAGMrF7j2F8wpr5XgDJtcE54Yv0XBrQP-gJCCyQ-6BPtA7MxUcBMAsrF7VZQNJb8WKg&sai=AMfl-YSmLAsoyD4ijELkqsWxxmW7sPAVLjzwnH3RXRsWUVjgCIZ70bLMzh5rcRzbyGvNwSVJ9qEzHS0UgqX8C6Hq0yxD_TjAw_6rkmT49wKdO04liPvhFFjpGnKS2xSQGnc9pa3zKky1ST05_4NenX5C4XwmL4IZPfJnbth7ZrgkTScGq6gIidYY77uE4_2ggq8_1Wpo9sX_2kyfUrEDpQmBdjM-2qjTE0k&sig=Cg0ArKJSzGozNGRzDtSIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=914&vt=11&dtpt=795&dett=3&cstd=117&cisv=r20220330.29692&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: tbdailynews.com
URL: https://tbdailynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 03:27:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 / Show response
tbdailynews.com/ 0
122 B 325ms
325ms XHR
text/html 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tbdailynews.com/?mailoptin-ajax=track_optin_impression

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.9.2/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://tbdailynews.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 01 Apr 2022 03:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: WP Engine
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-NR-SAMPLE-PERCENT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://tbdailynews.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6f4e3b0fad1901f4-ZRH
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 / Show response
tbdailynews.com/ 0
103 B 679ms
678ms XHR
text/html 2606:4700:10::6816:2db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tbdailynews.com/?mailoptin-ajax=track_optin_impression

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.9.2/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://tbdailynews.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 01 Apr 2022 03:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: WP Engine
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-NR-SAMPLE-PERCENT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://tbdailynews.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6f4e3b0fad1f01f4-ZRH
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 35ms
20ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032106&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d14e21005876d302e36cec5c822f0cda641824d78e729ffa9a4237b4f9db824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 03:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10589
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Apr 2022 03:27:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B90 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEm0_L3FGYseqH5ugrASnha6ABAAAAAA4AeAEAg&bg=!YmGlYSXNAAZku-1yRLs7ACkAdvg8WrW4lQRlUFavQBnNhUjYE8Kbz4_0mS_hVweHwyUonhrHo6KKewIAAACgUgAAAAJoAQcKACWGd7mA4Jf4Bly0N62COGbm6l16jV-8dtrJBIGJlnMi5rKMNzy4mQMoBpEkzaKc7lI3WS0R9XgM8egmsJmv0f5zqVBucgqWIYWkNJBvIjIoQTIwf__8wyPoAw7RgPweTh_8QpeYVDd6AXEBMkNfAUB7sqoazRi5zU9HqnJsaPFOZM8inCBzBcMaHCjMSyORgQVf4UvfAQp2TDulvBuQoYUzByj2QpmYufIAC6Na2g4-BjH3UdWF8ByMuTsAq0A-y5Kg6ipg0KZL8lwkN1GeIBuEyRp0zQ3dodi1TFTJbrW-S_RsOECszmKtuOnuJTitELJkUsFUgvI0D4Efj70K1pW5CUUtuDSpbcuwmPmS4PESUvHcv03h99Xf5tAXGMXwjo4kHdo2pMIiwV2bJ_hIKvoA1-YqvR-ONiwbc32t7BrSbXephaP99PE1PHFkmTHsYnGk_e4LtJ4N_frXr2qeEur-I0ebKbHvx6NQiM1u0Ft7GEeRNz0RA4zDTrYvPRzUuVjLiOQWj8WDjQMvC4HE4l9q_nr1iOuFWcI1tOrpr43iQ95tcJBwKld-s1qqz8FQHfbVZbsjhV2fvECYz83ad0rXb_hCeGDiDysy_ZwyVgoND8byUzh2yyd5KkhsRk0hQzFqACHmr8rjSeBR80F4S9RkvxXMpvOZ65FcjM-LgMgkIFCtB_US8ojD3Mm2y4R02zO-LIb_UfklFkI7O4R8hb1_zvFYmV6ApdEQZiGYhhPCU1bfIqDIbmMAPBEvwomTtgNKn7FWNwL4aQtQK9M1zFrSmK5h0Gx88vNOYXvmRvQtY2C7dxDbfwBMYoJ-b-p0QhGRq4mZhlhTyUgS76kwf84MFZ20tg-cvfuoMfDxu7Dtfphug8sbq7TxygDS6Exm24j9stsb1nq1XUMHutAbR8XZkpPyNOSjx1LjkD6iozIUf7lD7dM-51pECuMj9gLjvghsyxWkNPlgWMiY4oXUyT5O6GAQc43KvhD-4VdSAqNAr32bsrX_EJkLsUzvXDkTo4IxrCgHQ82FNxwhPWhVbnm2YimgBDPz0NSBDbr22T-nv7tO0DaFpCAikQSBQyJPDCL2FXfNxFh_HOCEHkOlJYM1Nyn_GapU7t04-4jchS8cAQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B91A 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BK981L3FGYsWfJNXv3wOO7q6QCAAAAAA4AeAEAg&bg=!TE-lTwvNAAZku-1yRLs7ACkAdvg8WiLg6cTbMdyFaOIrAykWi2d0cGaWixPqA9qCOZa2xA-0A3twEgIAAACRUgAAAAFoAQcKAD2jlm9I5iezXu1P2x2Kxr4DJee2SkK_RgOhzAj38UemnWdzMMa11wgn1PMFT-oqSiBGe0UzdZvpYDYZO2KgmQMTMi_h2X1Xy3Q7voJnb0Q52vBRjcIb-BElb9gPyyAi2T8opWDtfQ7iCkaSL0aSvAgdzk0mZmOpjNIFEabtFb5XkCCcJhqbV9PZVi3OwvKWMG7_-LA8ZDwhDzILoIbWFK-8gZ5fdt6tGFl_gnG80r7p8rjLWJLzTew8jmiOJIEX946zM28EF5V6mxVGSEBIsxTfqjT0IFsvGOgKMWFYuXb_clbTnuX36yahJys4JTQFRD1qanTEkNg3Xa7d47Z7R0OpuILKE_B54GhwHl6FaD7Wx1l7DqZPTvk5ie6-jZdfR5tMHldQYPIz1VE6CORId23bQE0L62QhgOkTCrCRVkFP-4eY4lxwDFmzRKwj3GmFGhKfRS1PdgdlCUl8YcA8oXRuDqUqjcT7ws2SDLjwpENSLPvyBDL91hS9daIPljPvpie7A76QnMYT_EaBQcZ7uqWCNIfii_aP6Sr8WMUaTuzxmZulWTSWZSO0yJhmhDJenYEXyQfAnXD_r8JxR68WZbjQOeFAsrULMh4iQ1sVSrw_g8dgO062o3y87S0OHG6ps6zobpw4pLH0rQxvMN9TV2JPsHAy0pT7LXr4-RPwvBwec-8Y2NcjSOmKMKvFTtUS2aEYUkU9t8IPEH9pItR5tt_mtDtPYHclGWJzkeBozpRJoW_eywlWm6dAiVh2VF_bniOv5iRpF8cAaH0Td_kLv4Kq49rjkz41NwRQDMisXAA98gOZo01VVLOH5mqtRgL2bUsZ7Pt3zvxb8B_Q4L_3q6pCIecj7X3fiCd0-DKjdR3da00PN_AUGq8IIL58q5geMvmRMrTQnZe12D8UUdbTcOGaP0hRv7Mk-ehoid0Kj4feXcbOOMzspwr9XCoTwbc-C7I0TKUU5I8RnnU1JwkcnCkRJ7DYDv_QRxQrsbfIEjJlX78UbFO_ND8cq150KwYSNHxDzdPunfXF9bC7iQX1ggydOLpaa0YFVuyEC1Cak7O8QAJhhyVINfkzWZeMTZ_DcDm-Knfk6Gp9NOxy4HBA6Ez20dF7fOfNJYPFNtTc6rv8pXDztg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3E6D 42 B
64 B 19ms
18ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurTYHUbzeI-sQ3hikOS-CtpdPEWdQIS7uKJWOsR4ytRdbHkTxJmbNaQL9PTVqXBZoIuiQriqbVRen3HzBW9KJM1ZcKgoPbI89f7bW80Bf_SaUmDtamsg&sai=AMfl-YQ4h-UJwV5fzDBcrvMYMFG5jFS15lCQcntkf-RfwjQ3-lNyqGl1Z7DzuStz7OC5nAuhjsLuwzAhXOL1z_wH8XovjE1x9mGfDdVI9b6TtD8JA7IMOlMAKYwALlwEd30&sig=Cg0ArKJSzMy-Lh9fKo6vEAE&cid=CAASJ-RoTFyNKWmjKU8N2c59NReaSnMuErwHVgI910BA59ntDod2RkrroQ&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3336983485&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648783663280&rpt=403&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3FB4 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 16662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 22:50:02 GMT
expires: Fri, 31 Mar 2023 22:50:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0584 783 B
534 B 18ms
18ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b23e974f49c3d4e2e95c397bdfc22cf625d4c849beffbe71a5d221ef42f00090

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GCh506wQtqenv6sC02ry1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-GCh506wQtqenv6sC02ry1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 03:27:44 GMT
expires: Fri, 01 Apr 2022 03:27:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 FyXTnIqgf3MR1shnyKQtc5k9nN1KItMFAbgv4xYT2II.js Show response
pagead2.googlesyndication.com/bg/ Frame 3FB4 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FyXTnIqgf3MR1shnyKQtc5k9nN1KItMFAbgv4xYT2II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1725d39c8aa07f7311d6c867c8a42d73993d9cdd4a22d30501b82fe31613d882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 22:49:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13680
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 22:49:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0584 0
0 76ms
76ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032106&jk=2694508096922078&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3FB4 0
9 B 23ms
23ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lSgbwQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C2C9 42 B
64 B 36ms
35ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqyL8TIscD-9Jdj47YAB_zu9fotf7Zzr4AX6ptWv9yFHSCgDhIBFDGk9RyDqb6zHZ3uoqIbyweSVi8uY-Nmqm6efHFxiurCcSSER3EWRkJ-JFtNXSVXw&sai=AMfl-YQRuWv4tmmuQyv_1cqejLlzwDOse9JrRYkJAZTjQw81EoPRkVXiV0sQjcJQg9Ga4YhgNTDTeHo5eRJjplASJtLfD7eWmqhwFvVNVKUKuOzuPq74ENHRDXdW1SoR7tA&sig=Cg0ArKJSzKXb19KBsFyTEAE&cid=CAASJ-RotpX0RbPlB5jozheHAukcPrD8qci3efZlzDP-t0d3QbP-ledCbQ&id=lidar2&mcvt=1000&p=600,-254,1200,46&mtos=516,883,1000,1067,1118&tos=516,367,117,67,51&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=361604310&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648783663507&rpt=340&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 63ms
62ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022032106&jk=2694508096922078&bg=!g4ClgMTNAAZku-1yRLs7ACkAdvg8WmNPVxbjCqE6CFpshtys0Ojvc5YzF_jETvOOB5vg4Vaa8MUpXAIAAABTUgAAAAJoAQeZAtBODA_cZfw5UVvH_GZOfz9ApGhGmTwMFNqhEWJ2FVQxKTMbL1hf-COfHiamwJtZRjYao5jZgA9N56AXWoXbSOrW3HYo4NzoPosQrmDzrmbQabtB3OCJBqwEtPgpukfp5XOZ7gFVZ673dGAiuDL0P8N2-qFtcdfoN9lBG1JnzHXvQJ2iyFRMK-bosYssJFPsPpVDoXn7HSa1ISDWUMvkmmVCEJVfDXsqu9n42RVsYPJO1hD3ZoHB3z6B5uc9rd8JgcFIC22nLo1yOCZ6JXEbGqkhs0wOcs80mWMdb-lVuBrSMpKN5VE7TzlFZsAhRbuLIujkUaH4ayqWcV9URvNfYI4eSOho_htCWjSWy2zgAMtA3Nx56loCzKbDd0VuXdwb1hNut72YL-ZE8CI6qQQ9Kyf9HGvfVaf-ieroNZATGT25urjQIkZHtB0x6DCBBns385VJqSkNBehtQR_92LmBUkodRNTiJoyPUuCV8zpyy6aUDdaG67N150SmZGn1m3QWThbYNxN_Ct-15Ww6G2NaGMvIU8uG1nlZxf2w8jGLEmtRm4VIxP-5Ewb6y8IFLegNl8G_jB1u2Gp39v9CjFAiOhbtjZJf68vUmt_y4SuLRKNZcEnMMp7N9xPMpey_CI6czxRdtQ5AC1KlYcitp6uQ-UeCB5NLnWjTHBkpGB1Hjd1-PLsr8j3yhnY-k1ggd8Lwm3dxrNEhiwedTnD0j30ui9VVyb-62Tqk-zv3kZ-s7WOex3N4RFaPH5d3ZNbiZVBq_3cpvQbFEqBG32tVfpY0T3TlepOqgYFF6gzFruznDDHuGBmpggm3OfRK-odPAkxue4Mrd_z08V8F2JuaCO_uDh_GzbuDmyLPcGNSMQEuLeRCD3iOB6-kexjqD9q_NI18ytX55mcaXkWv93rOr4cvapt7eeOoEx0oITIToZpK4DADtCo8NJ1lA4vPdjzscBA2ZgE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
542 B 173ms
172ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=2jqw284&fmt=json
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 441a1b6d062dd3136ba125230dfbb97a77af50d98cc47b06fe2dfb9dda4f6f8e

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Apr 2022 03:27:46 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tbdailynews.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Sun, 01 May 2022 03:27:46 GMT

POST
H/1.1 200 1013.json Show response
id5-sync.com/g/v2/ 213 B
533 B 29ms
29ms XHR
application/json 54.36.109.46
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1013.json

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/2/5/3110c0-aba7-4877-bc35-60adbb93ceeb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.46 , France, ASN16276 (OVH, FR),

Reverse DNS

p01.id5-sync.com

Software

Resource Hash

501a00afa5c5688ced022357cdcac5c6149bd0dc05ff6af91c5497929a6e1db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tbdailynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://tbdailynews.com
Date: Fri, 01 Apr 2022 03:27:45 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26a%3Dtrue%26userId%3D
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YkZxLyAnU9U4Byqgrv5O2AAA%261156

0
44 B

94ms
94ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YkZxLyAnU9U4Byqgrv5O2AAA%261156
Protocol: H2
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:46 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YkZxLyAnU9U4Byqgrv5O2AAA%261156
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 293
Expires: Fri, 01 Apr 2022 03:27:46 GMT

GET
H/1.1 200
OK cksync.php
cs.media.net/ 44 B
410 B 146ms
43ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:46 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 44
X-MNET-HL2: E
Expires: Fri, 01 Apr 2022 03:27:46 GMT

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ 0
478 B 201ms
36ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?a=true&partnerId=38&userId=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:46 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156972
https://image8.pubmatic.com/AdServer/ImgSync?p=156972&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Njk0RUJCRkUtNzU5Ny00RkZFLTlBQjUtQUUyMTUwMDk4MUM5&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
219 B

13ms
12ms

Image
text/plain

198.47.127.18
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol: H2
Server: 198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Fri, 01 Apr 2022 03:27:46 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug021:0:349
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=40035c74-4024-4bb3-b464-dcc449e90bf8

45 B
577 B

106ms
28ms

Image
image/gif

23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=40035c74-4024-4bb3-b464-dcc449e90bf8

Protocol

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 01 Apr 2022 03:27:46 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Fri, 01 Apr 2022 03:27:46 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:45 GMT
server: Kestrel
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=40035c74-4024-4bb3-b464-dcc449e90bf8
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2414270
content-length: 0
expires: Fri, 01 Apr 2022 00:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://pixel.advertising.com/ups/56621/occ?verify=true
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPb2d84e5c-b16b-11ec-a38f-0214991a90ae
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPb2d84e5c-b16b-11ec-a38f-0214991a90ae&verify=true
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPb2d84e5c-b16b-11ec-a38f-0214991a90ae

0
44 B

94ms
94ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPb2d84e5c-b16b-11ec-a38f-0214991a90ae
Protocol: H2
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 03:27:46 GMT
content-length: 0

Redirect headers

location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPb2d84e5c-b16b-11ec-a38f-0214991a90ae
date: Fri, 01 Apr 2022 03:27:46 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

cksync.php
cs.media.net/
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=gxbsNdaS1NA7WW5

45 B
596 B

30ms
30ms

Image
image/gif

23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=gxbsNdaS1NA7WW5
Protocol: HTTP/1.1
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:46 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 45
X-MNET-HL2: E
Expires: Fri, 01 Apr 2022 03:27:46 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 03:27:45 GMT
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-04fd973f611872bb0@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=gxbsNdaS1NA7WW5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
medianet-match.dotomi.com/match/bounce/ 0
104 B 201ms
65ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 03:27:46 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet
https://x.bidswitch.net/sync?dsp_id=59&user_id=e24cd9a1-dbae-4af0-ba82-8e5315d604ef&ssp=medianet
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=cd3d302b-7837-4f67-a1de-3e7aecf63004&gdpr=&gdpr_consent=&gdpr_pd=

45 B
444 B

38ms
38ms

Image
image/gif

23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=cd3d302b-7837-4f67-a1de-3e7aecf63004&gdpr=&gdpr_consent=&gdpr_pd=

Protocol

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 01 Apr 2022 03:27:46 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Fri, 01 Apr 2022 03:27:46 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=cd3d302b-7837-4f67-a1de-3e7aecf63004&gdpr=&gdpr_consent=&gdpr_pd=
Date: Fri, 01 Apr 2022 03:27:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 trusted-types-checker-aec7d77be939cbfad7a19c3a4ce8f81c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1109 173 B
672 B 32ms
31ms Script
application/javascript 99.86.7.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-aec7d77be939cbfad7a19c3a4ce8f81c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=2.17.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-80.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

35b72b35483b02cca39b6e0e7043ecdbf73975c35da3efa33f02b4811c0b664c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tbdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 14
x-cache: Hit from cloudfront
date: Fri, 01 Apr 2022 03:27:35 GMT
content-length: 173
last-modified: Wed, 23 Mar 2022 18:55:31 GMT
server: Cloudfront
etag: "71ffaedd0c2e208ad1b564272bdfb689"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: nSBvYM_Avh5xleqtH9arVId87QUQQONuxvyPexN618bvDZUKK5BDMQ==

POST
H2 200 0 Show response
r.stripe.com/ Frame 6D1F 0
127 B 177ms
177ms XHR
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-975b7a318080f8c3b7328ac2fedc8722.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Apr 2022 03:27:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/jp2diXWZLYA

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1458

Verdicts & Comments Add Verdict or Comment

261 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tbdailynews.com/	1970-01-20 02:09:48	Name: asp_transient_id Value: be5076ddcbbf77fb7c3610112a77f0a9
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: bi4WmtidaYk
.tbdailynews.com/	1970-01-20 19:30:55	Name: _ga Value: GA1.2.930121166.1648783661
.tbdailynews.com/	1970-01-20 02:01:10	Name: _gid Value: GA1.2.2145489902.1648783661
.tbdailynews.com/	1970-01-20 01:59:43	Name: _gat_gtag_UA_139423437_1 Value: 1
.tbdailynews.com/	1970-01-21 21:47:43	Name: tk_or Value: %22%22
.tbdailynews.com/	1970-01-20 02:04:02	Name: tk_r3d Value: %22%22
.tbdailynews.com/	1970-01-20 10:45:19	Name: tk_lr Value: %22%22
.facebook.com/	1970-01-20 19:30:55	Name: sb Value: LXFGYjQk_vkO7_C6pIRU5b4h
.tbdailynews.com/	1970-01-20 01:59:45	Name: __cf_bm Value: EHqBZU8s2GlkME_4J9cibbYVdJsRUcKzlZG1e6m1imQ-1648783661-0-AQn1lgsl00OM5SmipVeyI760nP9+S3aiuCnaeLZiulR+rOVTENpp+I5jxmN3d0djWxy0uUnRDW0THzywapoNPP6XuJYHScKCgm8tDg+RzvAkdkJ3M502dIxfbWoxO5A5/g==
.facebook.com/	1970-01-20 04:09:19	Name: fr Value: 0GnVrMr75uTaPKpjy..BiRnEt.0Q.AAA.0.0.BiRnEt.AWX6e5Mns84
tbdailynews.com/	1970-01-20 02:01:10	Name: _lr_geo_location Value: DE
.adsrvr.org/	1970-01-20 10:45:19	Name: TDID Value: efda55b9-c65f-43d8-9839-5b157d1943b0
tbdailynews.com/	1970-01-21 21:47:43	Name: session Value: 6d587511-1774-d043-d0e3-386933f3f14f
tbdailynews.com/	1970-01-20 02:42:55	Name: _pbjs_userid_consent_data Value: 3524755945110770
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB5A Value: s578\|YkZxM
.adnxs.com/	1970-01-20 04:09:19	Name: icu Value: ChgItZ1bEAoYASABKAEwruKZkgY4AUABSAEQruKZkgYYAA..
.adnxs.com/	1970-01-20 04:09:19	Name: uuid2 Value: 6251443399082000855
.tbdailynews.com/	1970-01-20 10:45:19	Name: __stripe_mid Value: 7986fe94-8bef-4711-a56e-ed1f0706a57760552c
.tbdailynews.com/	1970-01-20 01:59:45	Name: __stripe_sid Value: 86ce3014-edfc-4fec-aaf4-af587802e646863041
m.stripe.com/	1970-01-20 19:30:55	Name: m Value: 6becf5f9-70a1-4a7c-8ea9-f3d008afcc84855331
e.serverbid.com/	1970-01-20 10:45:19	Name: azk Value: ue1-sb1-a695f6d7-99d7-42b3-87e4-985d9697c3e5
prebid.a-mo.net/	1970-01-20 10:45:19	Name: __amc Value: 1_1648783662_1648783662
tbdailynews.com/	1969-12-31 23:59:59	Name: aasd Value: 1%7C1648783663392
.tbdailynews.com/	1970-01-20 11:21:19	Name: __gads Value: ID=0bce11ed6bab7bbd-2276cb586ccd0088:T=1648783663:S=ALNI_MaFEQLhnwzCUDlH2CFr8d8DApCD1A
.doubleclick.net/	1970-01-20 11:21:19	Name: IDE Value: AHWqTUliXkYsprfowbis3AHOQVR4Xxk-7BnBCny6mS5bSkOm2wK7j6k3ZvQNPGabnIM
tbdailynews.com/	1969-12-31 23:59:59	Name: __aaxsc Value: 2
.casalemedia.com/	1970-01-20 04:09:19	Name: CMPS Value: 5204
.adnxs.com/	1970-01-20 04:09:19	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?lfUAi5!]tbPl1M>e)ZlrFUfJ+tGXvWBB-6al8`ii-Sd*jW])deaUbp!i_KC@/4JOK!3If)y3KL9D3I?+?E27yE
.casalemedia.com/	1970-01-20 10:45:19	Name: CMID Value: YkZxLyAnU9U4Byqgrv5O2AAA
.casalemedia.com/	1970-01-20 04:09:19	Name: CMPRO Value: 1156
.casalemedia.com/	1970-01-20 10:45:19	Name: CMRUM3 Value: 2d6246712f2760CAESELiIgZucmQ9K4SLl3ngb0-I
tbdailynews.com/	1970-01-20 01:59:47	Name: _lr_retry_request Value: true
tbdailynews.com/	1970-01-20 02:42:55	Name: _lr_env_src_ats Value: false
.bidswitch.net/	1970-01-20 10:45:19	Name: tuuid Value: cd3d302b-7837-4f67-a1de-3e7aecf63004
.bidswitch.net/	1970-01-20 10:45:19	Name: c Value: 1648783666
.bidswitch.net/	1970-01-20 10:45:19	Name: tuuid_lu Value: 1648783666
.criteo.com/	1970-01-20 11:21:19	Name: uid Value: 40035c74-4024-4bb3-b464-dcc449e90bf8
.advertising.com/	1970-01-20 10:46:46	Name: APID Value: UPb2d84e5c-b16b-11ec-a38f-0214991a90ae
.casalemedia.com/	1970-01-20 02:01:10	Name: CMST Value: YkZxL2JGcTIA
tbdailynews.com/	1970-01-20 03:26:07	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%22efda55b9-c65f-43d8-9839-5b157d1943b0%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-03-01T03%3A27%3A46%22%7D
.w55c.net/	1970-01-20 11:28:31	Name: wfivefivec Value: gxbsNdaS1NA7WW5
.pubmatic.com/	1970-01-20 02:01:10	Name: KTPCACOOKIE Value: YES
.w55c.net/	1970-01-20 02:42:55	Name: matchmedianet Value: 5
.pubmatic.com/	1970-01-20 04:09:19	Name: SyncRTB3 Value: 1649980800%3A220
.pubmatic.com/	1970-01-20 04:09:19	Name: KADUSERCOOKIE Value: 694EBBFE-7597-4FFE-9AB5-AE21500981C9
.yahoo.com/	1970-01-20 10:45:41	Name: A3 Value: d=AQABBDJxRmICEFCN6OK80aNpm4v86ey5_QMFEgEBAQHCR2JQYgAAAAAA_eMAAA&S=AQAAAt5hnaJp_Or_f42C2AzKnpc
.analytics.yahoo.com/	1970-01-20 10:45:19	Name: IDSYNC Value: 17ot~242r
ads.avct.cloud/	1970-01-20 10:45:19	Name: uuid Value: e24cd9a1-dbae-4af0-ba82-8e5315d604ef
.pubmatic.com/	1970-01-20 04:09:19	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 02:01:10	Name: pi Value: 156972:3
.pubmatic.com/	1970-01-20 04:09:19	Name: chkChromeAb67Sec Value: 2

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
javascript	warning	URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1 Message: The resource https://tbdailynews.com/wp-content/uploads/2022/01/264400708_1040393293192860_4080631031489931018_n-e1641923021871.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1 Message: The resource https://tbdailynews.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1 Message: The resource https://tbdailynews.com/wp-content/uploads/2022/01/264400708_1040393293192860_4080631031489931018_n-2.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1 Message: The resource https://tbdailynews.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1 Message: The resource https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1 Message: The resource https://tbdailynews.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://tbdailynews.com/newdonationform/164825?giveDonationFormInIframe=1 Message: The resource https://tbdailynews.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	error	URL: https://tbdailynews.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1458' from origin 'https://tbdailynews.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1458 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

21d6187fe962483671a41ddff9647a47.safeframe.googlesyndication.com
accounts.google.com
ads.avct.cloud
ads.yieldmo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
apis.google.com
as-sec.casalemedia.com
ats-wrapper.privacymanager.io
c.aaxads.com
c.amazon-adsystem.com
c0.wp.com
c2shb.pubgw.yahoo.com
cdn.id5-sync.com
cdn.syndication.twimg.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
contextual.media.net
cs.media.net
dis.criteo.com
display.bfmio.com
dmx.districtm.io
dsum-sec.casalemedia.com
e.serverbid.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
get.s-onetag.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
i0.wp.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
imps.monu.delivery
ipwatch.monu.delivery
jnn-pa.googleapis.com
js-sec.indexww.com
js.stripe.com
l3.aaxads.com
m.exactag.com
m.stripe.com
m.stripe.network
match.adsrvr.org
medianet-match.dotomi.com
monu.delivery
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel.advertising.com
pixel.wp.com
platform.twitter.com
pm.w55c.net
prebid.a-mo.net
prebid.media.net
protected-by.clarium.io
q.stripe.com
r.stripe.com
s0.2mdn.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
ssc.33across.com
ssl.gstatic.com
ssum-sec.casalemedia.com
static.doubleclick.net
stats.g.doubleclick.net
stats.wp.com
sync.go.sonobi.com
syndication.twitter.com
tbdailynews.com
ton.twimg.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
use.fontawesome.com
vjs.zencdn.net
www.aaxdetect.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tbdailynews.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
api.rlcdn.com
www.youtube.com
104.16.190.66
104.244.42.8
134.209.131.220
142.250.181.226
142.250.184.194
142.250.186.162
143.204.215.111
143.204.215.76
147.75.38.124
151.101.65.194
178.162.133.149
178.162.133.150
178.250.0.163
18.194.227.226
18.195.92.214
184.73.205.114
185.64.189.112
185.64.190.80
192.0.76.3
192.0.77.2
192.0.77.37
192.229.233.25
198.47.127.18
23.205.239.15
23.205.241.117
23.32.59.34
23.35.228.23
23.35.236.247
2600:9000:2057:5a00:19:7d10:bd80:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:2db8
2a00:1450:4001:800::200a
2a00:1450:4001:802::200a
2a00:1450:4001:803::2002
2a00:1450:4001:803::200d
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:808::2016
2a00:1450:4001:809::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2006
2a00:1450:4001:812::200e
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c1b::9a
2a01:7e00:1::b903:5c4c
2a01:7e01:1::ac69:92e7
2a02:fa8:8806:20::2040
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::729
2a06:98c1:3120::7
3.121.53.174
3.122.208.3
3.126.56.137
3.33.220.150
34.107.148.139
34.120.133.55
34.149.20.76
34.211.187.4
35.186.236.140
37.252.172.36
46.105.202.126
52.17.151.21
52.28.203.152
54.171.236.220
54.186.23.98
54.36.109.46
63.251.14.3
65.9.66.19
65.9.66.71
65.9.71.173
85.14.248.91
99.86.7.29
99.86.7.80
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03047422295df65247d8d96cde636617cc08a20c94a1198ab2ac63c51d935b41
03461e2776a3c3b29cb997af9abfa50ab8aefbda714b9afaceef14db03820370
04ba65966f0ba6f21c77bc845b136cb33870fd99e8c0fc7781a842ac67f66aff
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07161ded43ddcbba711d1074126ac2ebe7bddd2460554346248afe803bbbb091
0950ef40b958d63bec2627ea6d6872e4015dcaa4ea5bf82cffa9c8b5deed2df6
0972dab44fc5f44e1f69b312fcb4b09d11edead6550e0652f2ed0bd66effbcad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c08815f5e74c5477b25c5303f3b512b5c04ccf403e41e319c29cb5243fce5f8
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328
101007bfc3ea99f75aab522071e212de544073a711a0a3a6496bdebf62408228
1021efafbf9b43acf446f436556222d910e0d86d09d796b6fb16101efedffa22
1142a5ccd317daaf2a3b85aa88155dd43ad2fd1e70ba9a44e4d01b50682ac802
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13d74270faa0289e3f450391d9ec9b29a2d9d96a47ce3c6fb795f97e3c54c5e3
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd
163defa48c4afbe953b013bef080ce3ed2bc00a5a027bc0f1af6abf97b6b2988
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
1725d39c8aa07f7311d6c867c8a42d73993d9cdd4a22d30501b82fe31613d882
1955b201ba599a970a20e5353fbd502bd29bbcba8eb308b39411b5ee1a22a194
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
19d022d3f567c5ac6c99a24b948122dd3512a30b22210808c4f8d6191a7abd7e
19fea9e1196f1ccd50a4c9465339ae8ca5850a50c45f8a6080fedff65292d7bf
1b98e3bb5f882673dbe98e132008f04eada8ab70070d2dcfdd140a699754e25a
1ba052018e589b59a29925ce5c5f99410e7dfe1886f1d4235c8c0900f5de45bb
1bebe07e837fb33f10c63429c52aba83e53af281cdebd8687b3ca740d0703829
1beeddbbd38d5666f958c8087ac0853e823e0b7bbf9f3dd30a933ac1af235119
1d132337773c992bfb05301cc2c20378273a1382ec7dc84dd34cd560033e9a41
1d8f3a43890914d076bcb2a762582c90d83781fbae96eec877901efefe014d37
1dda2cecb8f0322c2b59a817ac9d9fa234b3792ff094b1a401b3862d3cf157dc
1e976ce625ed3f3bda9494292f078e7f0c16f233da123fac2dba7be916b96db1
1f2bb0f96cb5035a0fe5e82a1537777e60eb9bb44e210082904df7fd3405edf5
1f98be2ee0c5e18b86c01bfacd9d3623477dd404d3c0e737142cd3c64fa46a8e
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
217b9e539bd55ad03f86545c4afc436c1d61f04aa131a4679181a3d30bde9480
21c7b4a55ddcf0f40806dbec924729bd87dca55501380f6e6069b9f6e3492437
222b245830c8a115a9bd7eb96b0abf53045bd04f6d81fd3fad479e82a5e0d132
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
248187442267ed013f3a6c4e7b62cc521ca4f6aef1c31b6d623b120618da9639
2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a4e9b3f33edb851ba930430bdbf317a3b95e0974763617d68ec0b555a3bb8fe
2a60aad294e0e7c6a2445b0f9e6c0484a43f1417e3f5463a61329573dd5bf3d6
2abc07f83e0a9c350b5580983d7eb8249eb5848c40e4762770297b9e67eba974
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
2c4fde915e90fe52bcf7e51b36561485afa8df96b2f5bbf4b4439708617b41f7
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
2d3464b6e3998f2785ae34414ffbddc5400319eb1e5b8b224b41520fe929a500
2dc6f478fe16bb9dad73b982009bb0e5989d6f2ae09f887f0cd4e66a10f9dea5
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e30ceb08255c9aa6a79b73b589ffd0866cf1242d93e3f916edd842a87600819
2fc6f28200f9a95780474e258b0ba318bfe09e5df25127fab5c5452aa5db8150
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243
30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132
31507f73a2c904e73317979e82c8c4531befda90852ca9681ce9fd0a64f7c3f6
3170c86658687db9f461ef450a39bef414f6139f07e299d4886df6ba0c62e86f
317e6499dfac0f003f16283d9404fbcf556283105bbf0f61057358d84cee388f
31a8dbe7c39cf4ffa9fe214267bc1aa73dca7304f689437bd4bb257066fa4b04
31c9b6d0730bffcc43f80e3ad15023d9c43852ac5db962fcee445ca4c319e916
33a4a600d0dc6eff04169234f171792e640e74d0173a41899e7d045d8f7074f4
33d109aa886051923e80be7e7533262355000b8c2a86ac052977953822534676
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
35b72b35483b02cca39b6e0e7043ecdbf73975c35da3efa33f02b4811c0b664c
3675cf844bdaf6da0aeac37e58ff399ef6ad6b94a02cac50d65f4ad0b5c4f2ba
3688a29bbda548acee73eb4383de2cfe65fee84e27fe7d2bccb7d670f697fa18
389c6b086678e61a4ea5595034e243863f0e2a4ff4ac463f5b49cb08c3366eee
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3ba0ff987ed3ac31e6c13f1ffa31853ea3587e3ad8f8b0c6caa3bc9c9cf68ab0
3cadbde1342ff185749c8c3ce51ed30682939a7723d59f151d18adae4a0a191f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e4a56f970ea8c531689a1430aca41a918936fcf38c914303378632259861e3d
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
3fb1e8bf583f168b7662bc6223550187a0d2be1b154aca92fad6ff377426b802
40b10d40a1af8e0c876b82d450572df8abef15ddff9fedf7839ea1d0121cd02b
41520e1153d8c15cc6129392ed13d4b1331c32be2dea1012f1ccccc8ff3a935a
41ac98831a8184099454864cc91dd7ec13a196dc0134aa631b4fdc58307c7fb9
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
441a1b6d062dd3136ba125230dfbb97a77af50d98cc47b06fe2dfb9dda4f6f8e
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
4556e963f3488fecd148a9a3cb2d0c3ef574a098ffd94b092a8e3656d0dd3eed
462005d62fd16899b10f7a3c1c1b3c887df57719993ca86ed8c4db026c718c06
46936a930b6fec428a5a2f5eeb4e02ce6fd302ab84b5f9aa3f35f003d9a05de7
46ecd664790e88e6e937ec78bc3b47f85970af27d836641d85766a5dbd765c40
4879dcab21b2218432075c33aff13cea89de4f392f749eaef3df339f3f694c72
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc71707fbe3193e4e41505d02a164efe2eca430d46268ec242948d6745c6ae7
4bef8da7082933fb32d9f2fbb96acd6255bce40048c816f235b4160d4aacf62a
4c082aff2fdcd045d6d263c1a1d6d141d243168ae1d17537a0b541b1b25d5eb4
4c92903d5602f1c1419e9c647f0db022d425efaaa580d9849e9b6132cb1020f6
4e75a73373757e80313d599d3b2face3bdb1bab76c2dc1c0484d7da136723a50
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
4f6bc4fce5d6c219611106c6ab73ff0c18182cb937b3a30ba40c4d7bd01ebbf3
501a00afa5c5688ced022357cdcac5c6149bd0dc05ff6af91c5497929a6e1db9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5417a0da136bae1fa2efb4174ff3c2781dd672a527b46b076b85f67d47a55318
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57a689262a6a4ec743dd57aaedf489fa7ce2203cf50c63689db86e92ded64910
57dbe899a2b5c804f6e667838d56d9467d692e449dce19c7f9e48e84776c0ccd
57eb0020759fc86d29508a77059db05cbcda4e5e197d37c761aff0c3330bd65a
58ca87d8658f727d37f03c180ad223eff63f7a608524d3dfbc8a91588724da1d
5b62ca3af1edeacc1dac615ca246629493d560465dde909b01fff075169fe24f
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
5f88fda6c1104318ecbf58238f432f61ad8861f7986e62eb84a94b75f857151f
6096d86dff36332e56f668d27cdc943a79e169f40f348ff76f4c2ddeb14bfdeb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f0a53728a9132cc2dd8e854520cca8d7bee46ac8fabad54a8c3fa584360ca9
66768ee3c87238e9e15415c799808d72c282d689e3e1cdc03cec55df921bc91b
67996196a76615ac20aac20bad4f1562daa4ec1ec442567224e403640b005add
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6875e98eccfa969b1f777965d46e283ad78a15e7d8c02658e3a88faabb1a1635
68f8a3b7ce61daabb769db7cb9323fdf6f7c6556c625f80187a2652a462a8bdb
6911c24a9b371c2e460323da83a30fc8298053a2ad4b57a01127ee27777c5eba
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6b2b22601b1972ad2358a9034d6340071741b0af572ed57b39acf0e1440a5910
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6cce87bb0a4fd5886b3432b1e849c97917d687bfc0498ca2c44c23f918dd7263
6d14e21005876d302e36cec5c822f0cda641824d78e729ffa9a4237b4f9db824
6db6618484111d323e7140d49f19a2c28e4379270224e5584d08b44622f47061
6f744097129c51896f82c8b09b5b4063a679ebfa8af750ab4ecb406e3818f7c2
7052d0df9611084837de96895e60f8d25412cef2d0ad29be0e1a8987365f582c
72c0ce916cc68697ab06314b7b75bbc438abe9e812fb38929d3ed9f6a159b2f9
736e0ab392c6e37858273ca83bd80f7e4a9fc666b01d44102f371d0150029e6a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88
7520e13af9bae547cc5d74a9f3e28a86050f6bf58ea7938fb625e3c163970700
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7767bfcf63f2c6a19d8b846d27ca215b9bc124383ceca10884162ec5958017a5
7847fe9876f5b7bc3c00f4a4e9d1cf60ad762e53be0ca67b2c1ce63e40fc18b1
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7ac41ad632fdb5f271ca4c803559bd87bad3947f2ee23bf293ee378e920997be
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7b9fb69580046ed244466ccbc8d5e3ee8b92b244934429e29b3bef8c208ffaef
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e3e9a52a09072161c6b58744b35699cf29174bdcec483c4d71d4e54f0aac040
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
7f8007b2d40829cddf7f16d81a4d1015cd7deb2cb251b99b0f857622f3fdbb0d
7faf2fee5a715e1668f517f67a4b21cddd539b978678ce1bfd48a597044079e1
7fcaa4d432eb8627f0ab7efdc3ce11a4e593f29443fc6bb1888f4955c55f868b
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2
806858ce09945d92373167142d7d62c5b0b6e91e7b4d265ed3cd27ab7220c81a
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8133f6e5c98f920ffbe15f23fc2bf00db1f8cdd8594f79a7a8571dc9695b9ed9
81a33be7d08ccdf5f6a4b90ab2db0cfe0c538cb9ffb2acdd167e7187147956b7
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81
829c71bf065e365c575f69956fe03ff029eab0c5e9c44c6503903edc95c167ae
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
833c8d57ead7206b9b294f9ae4e71437009d64919078bf12d2f27c174fa5ee25
83d13755ed3e66fc8b99ab4cd15e660538dab0d768ea66b1ae570fb9d8b7be61
83f0139d17ec56eea8e5834ed925a00110689b5b0cc7fec2fb13999222801a97
848fbad57cfe0865b4425b4ce3870d42d583b24544739775b0afa50553aefb06
8585b10730ff45a2dcba5da91812f7b2aa11d0c927741d99bea1a24ea8d6354b
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
865621ac5f128903e5ff1561805a16ce4fd20938f62a4a6807876f78a6f0b92d
86697aaf1700624aa65f9df09612004e0f8e59a64b207bcd72ed0efefbff909f
876c95ed456a1c4afbf5162a54663e2358c1dfffb41d8f506ec999cc68c7a92e
88000280089d4001bbb42af40632d6820f6e18353c9ccc6ff77e6e0b800e3d02
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8985c5aed3ec499dcab3b48919120120c7bf9fbf163606343c9c453b1f5d6a1a
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89e8f2e632f9752a6c13d9018e54c77c5ede81990b73fc587768424e978b0bfd
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8cc63bbc0909c61913044fcb995664904cf4f4fdbd91853ea3a4c58a810d93bc
8d5f3e4c420c6afe67cb49e1f7f1fa4f6680d31904331cbd1e1aa731cfb0077f
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
8fdb91943ef492a6f7a1962d0e0a007e0634a609f608ad3abe1ec9bbfa2e742a
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
909e7325cfe3b49117f7bb2f961a6771d8aab92a6c82988f08a04879bee12099
927e16d837ac9f46ddb4a64c8fea1cbe39343902c91b14e11b484e9b01f98cdd
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94229595ba522324bae8df16a451c82fbf0da5ff92a855a8e1276aeb90d45d69
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
94773db8e4ed0417c38fd37dccafd6450b04f372f73c3e2b2a4336f56707dfb7
94b0e82d90fff9ad3963223e423ac80200aac3bafd594c55d3514b3a31c01bcc
96f5ab14b62e4ddf95515ac3713d29386053a65c1fb0ae6224d3f9af7f7f24b6
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9a6a571ef8c3924ccdcc9e3902249ecc6b40f9ee03e0ed78d14252a00a7374af
9c40b0d8d543ab82da891bdf85bd21d1537c6d45cdfe8c457be40b2370f2e177
9d4621ff9dba19c0ac3f09c9065fd7b3338e9a5b2bf464aa49a0362e73205bf6
9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d
9fbd3c2713beacc2285bd418877d4a36273244eabf9df9f488bbd6f5ec2c467d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0c43d49a4d294199fcee7fbe7ddb42f31126afc4f116d9be4f991a36dc48c55
a0e4d20b22c320175b6ba3b65f2e860377691c7b886b60e12c9bcfcfd2d96a6a
a15aba7bd5cf7c7ff829f84b579e44c1cacf577761fac537416e46bfe33260c8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1cc99b80167e2817378e50a838c5b50707ea101624893ba1b98b6201009dce0
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
a25aeb10687b55c2bbb8e71d772fa626c8e74faddbe2857ed582ebfb9d0c8aa8
a3220e8059925374badb7145ba365952d28964954d5d26dab76dc711b6ff48e6
a372b676d0bff01d23b5dc12a7967d08eb423598a69e5253364c58792adfe2af
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a5950c0c5ca80c85d524deccd4d0b2c34d3567ec90e568e670fcd858cf6a2ead
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9b7d719ef93ee000afa5699722ec21a0771e18320c0108dd5949a764ce420fe
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e
adde0b785eefb324975b12f06274c721c7feaaa80fbeb39af7d6a2d938c12a5b
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b097fb74077127b5983e45503fb95c8d7bc70b3eb098e5d9a020592f75f23887
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20a12e1ef6bd7b0f43f5259d5221e99f08ec674565d04f9f16c201ad2adcba7
b23e974f49c3d4e2e95c397bdfc22cf625d4c849beffbe71a5d221ef42f00090
b246a53f18c2f935ef32ebe685c439e9025821055bfdaa878de13f867640d111
b2e2e0e900cbbf7e3398e84edd1537473aeb42ad8b7a6359eda9500b6b86f196
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b3721296aa7e59e4231441f1d1b395ee84803cf259bf363d406dc1a33dad47f0
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429
b57ae71e53aa95e1921348011a80d0801ba5f3d2e5542f43cbd3d5ab5ddab67d
b5c9fd37dca1ec56a382c45a38fd9aa8425a4b522200f6526b982902f3c3f06c
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8e352006cc3bc3c7c2206316ef5ecc3a319959d6b6a3b4da9702afd1dff10de
bccb67d7541bf76ef32d9cdb154f3366b9266499d9dbb443d43e131780b5c932
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be00b39d31946af26a7f6c23c253ccf6b91ff1b49fd08c27271a0f125cd3d7ec
be10f2d6e174cf1d77dd35d2d37391f5753a29f43abbb429267a0b4a6ab4607f
bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172
c0c1a1c63ae44a0fb505045dc0a121dc2983344851510dee8a295d2ba49a5975
c30ba59f604fe2d3332767dd1fdfa89bbf0af1e342bae9a2a631f9f9ba7ceb39
c35319041a482d7e415f583e59f981890ef4d7f3985813e3c8d4e2dc550381f0
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7ea863753bf75a16561a726cfb38f5868ea30b4e2f837e7fa30f5cf4f2e1065
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c953f80cf0bb98945638528f71bafd7e837aac873b241533013b5170535e78fd
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
cea2b372f7291a19dba8398c67406fc2c4cb9f56854aaac3520961711bb62aba
d013ebfac6235dcd8785f3b52e77de542364dbcfc7a4c58818ec42ba63c07022
d16a3bd596e2f3a0e4797289175c2942f4bc6b13f8c63d131f31f4c9e4e90040
d21553a716a5210921050dbc5e4ef269068fae93574e931f64d96e095fb098f9
d3e0a9d4c9545594813bf8164273dc81b7d6156f5c7bb879d9ea874cc5f385fa
d410d5da5c490a342df7fb8aeec567bf4bacc50638f51e9a9d8744d0417eda9a
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc
d973751c508cce894e72387a9a8faef3a27b43b68fff5fde16c3f85e0c5bf2cb
d9f33ed9fdd936a670993b9a8e6ca44e7a358d0f7b217b6c6638b502f66a8015
da047b22e71eabf635515f8abb26f093f2bc8705ce70ce9f91e1bc5f301dec7e
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da7ae7eec9c1f857161ad9356669f90a20a3e1bd18c8124b53cc2e367e04780b
dbb0d0bfff5de3bb3ed83a5f57f760ed03960a977c8695848db093336cbf47d7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e17f5adde2bb1a8558e4c1f29a2187b47c757442c990b7db540ef275367eb39b
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e233ee4cc2a1d28bfe4dd4a8904eebfe5e1060f6c49d936e85920c8d99f5614f
e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47b79be5d6d50f9e0bb185185d8a488fbe5352572b359470edbb6d9f0f0d6b3
e49ab23926779071cdf7622dccb8e17ce14772aecf0d93ec77997a80c34e8230
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb
e69d17966c87ced93f60016674f0e6b10786838cfc6973e34e195649166b225e
e8bfdfcc2a75d027f6657eaa2ae964d0f6e28c0f223d6bbe975e1f79541c76da
e9b82c6a0b34f82a080640e11c28408095ffbb490603e7caeb2fd5df4d953674
eaca888aeb65d350e58e7bd2c4687178c0636f87e1b0962b91ee8c59ccf68316
eb9210fe95d9d7932e1be4a2628eab49b5f9d34c389018f65c6642edcaba73b6
ebf2964e7c4ffa5357ee52ce722a56fc60ebc134c1dfcbed56b40cbeb970c53d
ecbe477eed6479fbc6ee0b999285545857eb5f1bc8d5c86cfd44f58c5bc437fd
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
edc04e64e8d19044bea7dbb462147f0e9073dde4135faf91a186f6880ecf663c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eeec91b2fadfdf6d8765b108702665cf6fe0741a4305e499a76143d51350651c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da
ef317402ae53715081da39926fd93a532749f388dd4b91d482bca33719da3aa1
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9
f027f6d67f7611bc65bb6672244d9e81781182f2a3fe23aa5927f92cf6bc023a
f04fa0c414c589de5f897b3ff10c0a91418dffc7a0890e6bc1d2fd24c9088120
f1389982c341c883bdc2dc8e668ee73aa0dc6922f09fa5bd2b2a797197e1c230
f3133a9c6d4f6013ae2ed7a10386a974974501150f37f6ec7f9619c9bd836b7c
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f583e6f066580f1ff8de79aa4b6db998d82f8a672fd166fbcc842f25e4c4ffb9
f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db
f6b60bf03cd338fa564b412c19aa3225fe44d7347cbab4050219a2afc900d01d
f7f0052ab279b948be05d45f194b76b1dc7b22b5080a868908e248c040b18004
f8b9d1921dd2e7d05d6a6f7cb2add49b7bc1152a70a6487495f714eef79d08bb
f8e93fa39f0cf73cfb058e2adb35e2b950fd2e05fcf5aca4c04e3565a89404a8
f8fe5f075ab505097a06fda7d5d44097b6e77e79673043ffba42bca883baeffe
f9bb4df11b6dfd0422796161812d2e71fdcbe8c568a8dcb1b6d5f8f04c4a8cb0
fbf2066f082a622f93ea349c9292c13165935ef0b703346b80542aeafe24227d
fdc333c73d07f9dbebce73a959489503f05b9d1e8157f68e53b8164ce0e7102f
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

tbdailynews.com Open in urlscan Pro 2606:4700:10::6816:2db8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

462 Requests

96 %HTTPS

42 %IPv6

55 Domains

96 Subdomains

82 IPs

9 Countries

8996 kBTransfer

21106 kBSize

52 Cookies

7 Outgoing links

Page URL History

Redirected requests

462 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tbdailynews.com Open in urlscan Pro
2606:4700:10::6816:2db8 Public Scan

Screenshot
Live screenshot

Full Image

462
Requests

96 %
HTTPS

42 %
IPv6

55
Domains

96
Subdomains

82
IPs

9
Countries

8996 kB
Transfer

21106 kB
Size

52
Cookies

462 HTTP transactions
11 data transactions