urlscan.io logo urlscan.io
SecurityTrails logo

equi5.subsidyaid.com Open in urlscan Pro
34.123.196.68  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ak.peethach.com/4/6634689/0.15548436946584965
Effective URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=789813...
Submission: On February 06 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 17 domains to perform 52 HTTP transactions. The main IP is 34.123.196.68, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is equi5.subsidyaid.com.
TLS certificate: Issued by R3 on January 27th 2024. Valid for: 3 months.
This is the only time equi5.subsidyaid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23.46.156.160 20940 (AKAMAI-ASN1)
1 18 172.64.204.9 13335 (CLOUDFLAR...)
4 139.45.195.8 9002 (RETN-AS)
1 139.45.195.253 9002 (RETN-AS)
1 2 34.232.110.131 14618 (AMAZON-AES)
14 34.123.196.68 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:23c... 16509 (AMAZON-02)
1 64.185.227.156 18450 (WEBNX)
1 2600:1f18:16e... 14618 (AMAZON-AES)
1 104.154.135.87 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 54.197.77.77 14618 (AMAZON-AES)
1 34.120.195.249 396982 (GOOGLE-CL...)
52 18
1    23.46.156.160 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-46-156-160.deploy.static.akamaitechnologies.com
ak.peethach.com
18    172.64.204.9 (United States)

ASN13335 (CLOUDFLARENET, US)
totalnicenewz.com
4    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)
datatechone.com
2    34.232.110.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-110-131.compute-1.amazonaws.com
track.additionalbenefits.org
track.subsidyaid.com
14    34.123.196.68 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.196.123.34.bc.googleusercontent.com
equi5.subsidyaid.com
1    2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:809::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:23cb:2400:9:5bab:8100:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.callcdn.com
1    64.185.227.156 (New York, United States)

ASN18450 (WEBNX, US)
PTR: api.ipify.org
api.ipify.org
1    2600:1f18:16e:df02::64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
lander-main-microservice.netlify.app
1    104.154.135.87 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 87.135.154.104.bc.googleusercontent.com
funnel.improveourcredit.com
1    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    54.197.77.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-77-77.compute-1.amazonaws.com
display.ringba.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o4506236711272448.ingest.sentry.io
Apex Domain
Subdomains		 Transfer
18 totalnicenewz.com
totalnicenewz.com
78 KB
15 subsidyaid.com
equi5.subsidyaid.com
track.subsidyaid.com
1 MB
4 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11663 Failed
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
69 KB
1 sentry.io
o4506236711272448.ingest.sentry.io — Cisco Umbrella Rank: 374360
590 B
1 ringba.com
display.ringba.com — Cisco Umbrella Rank: 84171
787 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 improveourcredit.com
funnel.improveourcredit.com — Cisco Umbrella Rank: 343387
2 KB
1 netlify.app
lander-main-microservice.netlify.app — Cisco Umbrella Rank: 307967
991 B
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2768
222 B
1 callcdn.com
js.callcdn.com — Cisco Umbrella Rank: 204208
3 KB
1 gstatic.com
fonts.gstatic.com
62 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
45 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
847 B
1 additionalbenefits.org
track.additionalbenefits.org
737 B
1 datatechone.com
datatechone.com — Cisco Umbrella Rank: 49226
470 B
1 peethach.com
ak.peethach.com — Cisco Umbrella Rank: 259600
2 KB
52 17
Domain Requested by
18 totalnicenewz.com 1 redirects ak.peethach.com
totalnicenewz.com
14 equi5.subsidyaid.com equi5.subsidyaid.com
4 my.rtmark.net ak.peethach.com
totalnicenewz.com
2 connect.facebook.net equi5.subsidyaid.com
connect.facebook.net
1 o4506236711272448.ingest.sentry.io equi5.subsidyaid.com
1 track.subsidyaid.com lander-main-microservice.netlify.app
1 display.ringba.com equi5.subsidyaid.com
1 www.facebook.com equi5.subsidyaid.com
1 funnel.improveourcredit.com equi5.subsidyaid.com
1 lander-main-microservice.netlify.app equi5.subsidyaid.com
1 api.ipify.org equi5.subsidyaid.com
1 js.callcdn.com equi5.subsidyaid.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com equi5.subsidyaid.com
1 fonts.googleapis.com equi5.subsidyaid.com
1 track.additionalbenefits.org 1 redirects
1 datatechone.com totalnicenewz.com
1 ak.peethach.com
52 18

This site contains no links.

Subject Issuer Validity Valid
totalnicenewz.com
GTS CA 1P5		 2024-01-19 -
2024-04-18		 3 months crt.sh
rtmark.net
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh
datatechone.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-10 -
2024-12-23		 a year crt.sh
equi5.subsidyaid.com
R3		 2024-01-27 -
2024-04-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-16 -
2024-02-14		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.callcdn.com
Amazon RSA 2048 M02		 2024-01-30 -
2025-02-26		 a year crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2023-02-07 -
2024-02-18		 a year crt.sh
*.netlify.app
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-15 -
2025-02-14		 a year crt.sh
funnel.improveourcredit.com
R3		 2024-01-11 -
2024-04-10		 3 months crt.sh
*.ringba.com
Amazon RSA 2048 M03		 2023-11-27 -
2024-12-23		 a year crt.sh
track.subsidyaid.com
R3		 2024-01-16 -
2024-04-15		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
Frame ID: BEF838ADB281621332A09870B4409718
Requests: 63 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

subsidyaid.com

Page URL History Show full URLs

  1. http://ak.peethach.com/4/6634689/0.15548436946584965 Page URL
  2. https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z... Page URL
  3. https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z... Page URL
  4. https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6634689&var3=778842621920677908&oaid=783b82062a1a... Page URL
  5. https://totalnicenewz.com/rhd?z=4662728&syncedCookie=false&rhd=true HTTP 302
    https://track.additionalbenefits.org/742ca7d8-c5c4-499a-a412-67ea49912e87?zoneid=4662728&bannerid=20248186&zonety... HTTP 302
    https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

52
Requests

94 %
HTTPS

41 %
IPv6

17
Domains

18
Subdomains

18
IPs

2
Countries

1327 kB
Transfer

1750 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ak.peethach.com/4/6634689/0.15548436946584965 Page URL
  2. https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Page URL
  3. https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2 Page URL
  4. https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6634689&var3=778842621920677908&oaid=783b82062a1a29f02b8f762106184a1b Page URL
  5. https://totalnicenewz.com/rhd?z=4662728&syncedCookie=false&rhd=true HTTP 302
    https://track.additionalbenefits.org/742ca7d8-c5c4-499a-a412-67ea49912e87?zoneid=4662728&bannerid=20248186&zonetype={zone_type}&campaignid=7898133&device=desktop&region=fl&isp=781237823&source=PR2&medium=push&cost=0.020585&visitor_id=778842629512376637 HTTP 302
    https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
0.15548436946584965
ak.peethach.com/4/6634689/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ak.peethach.com/4/6634689/0.15548436946584965
Protocol
HTTP/1.1
Server
23.46.156.160 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-46-156-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
Access-Control-Allow-Methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
* *
Access-Control-Max-Age
86400
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Length
724
Content-Type
text/html; charset=utf8
Date
Tue, 06 Feb 2024 21:14:29 GMT
Expires
Tue, 06 Feb 2024 21:14:29 GMT
Link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://totalnicenewz.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
Pragma
no-cache
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Trace-Id
b4e55128192139e80f04c66ecf28e27f
img.gif
my.rtmark.net/ 		0
0
/
totalnicenewz.com/ 		40 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Requested by
Host: ak.peethach.com
URL: http://ak.peethach.com/4/6634689/0.15548436946584965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
858934fe6f73f6f9790690ffad9db2a7b5eaf134d732338b24b6e46dc4c55cdb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
851667308bf578ed-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 06 Feb 2024 21:14:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZKl2xe3ka61kPk27UsshmvdRKmewmTttkgVaUmzuh3pA%2B%2FxapOpyZzWnQQ8RDDWjnTsRRmaBeSV0Z4pf9y%2Bgmt8RZxMEAUlC1AJWwFjg95mt71bFdWH2a2b%2FptXOclSLSF3kg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
gid.js
my.rtmark.net/ 		65 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=783b82062a1a29f02b8f762106184a1b
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d5d132d5e82f5a6853b674d6f147140725d697c9b3579effa5c6a0ada71014c8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:30 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://totalnicenewz.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
totalnicenewz.com/pfe/current/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778842621920677908&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc5f2967a33d6cd3df5091e31bd1fecb3d19094ba3f563fe26287a8ce7117b7f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 21:14:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Jan 2024 09:37:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b22bc5-704a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tW2wOuSE9qN6sWqyeDD%2BcdaeScpiKB6q82ClTJsu4xNAWCxd47RLVZ2wVF0lH%2BtRIOx0LOXHdam7XccjjlCfTUfcUaUmLzPzFI3lQt4m%2FotxHLTsr5PM2dC4NJ7AtcDhR%2BROCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
851667317d4a78ed-EWR
alt-svc
h3=":443"; ma=86400
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
totalnicenewz.com/19/4662728/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/19/4662728/?abt_opts=1&var=6634689&var3=778842621920677908&ymid=&rhd=1
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac3ba2682d0374dddf34975ff2bb89421d8e122ee3477f0f5149c61bfd7855bf
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:30 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
7a7c9597d8d8c8925c1a647357a4aa4e
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LfCNbYbF6LASByBN6v5E9Ndmtl2evpHmeuLDzEMLTVedqM3LbS6ZU7uiY4%2BzZoqrvPthDi2%2BNWgUMvYAVlvq1DXL3yyYcASiW2MVwgUQgO2f32sgsttNewShqDQ4WuyNuVmEA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
851667319d6d78ed-EWR
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
totalnicenewz.com/ 		2 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&mprtr=1
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3WUmSRlZdEf67aB9AUxOVB7yQ1o%2Fq0eX7SbDBMKTvoT92f2Y102dEQcmcszeeXQb%2FVc15LODpIarsvwrHy8jacL2e%2FFFKOdUJ2nKHvjVNAtOvfSUArZoANm9LdjGefJoMVZCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
85166731ad7078ed-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
4662709
totalnicenewz.com/sw-check-permissions/ 		0
992 B 		Other
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/sw-check-permissions/4662709?var=6634689&ymid=778842621920677908&uhd=1&zoneId=4662709
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778842621920677908&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGknqooP4wmDQ%2FCMaMRC1CGS9HAqK9a5ajO4xgq6f%2FgAVBASDUMzKnwg%2F%2FA3HfenBUV0mO1PQvthcPKXuuA0NM5g5wGhmcZRh2r6xC156j%2B4dcuUpsMNudM1d79GMCM7oyTdOw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
85166732be5843d4-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
totalnicenewz.com/ 		0
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totalnicenewz.com&var=6634689&ymid=778842621920677908&var_3=&var_4=&dsig=&tg=1&sw=3.1.477&trace_id=d9a0525a-3778-4114-be30-25467cda9eda&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778842621920677908&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-trace-id
bf6a8a958c41fc1548ce99fd535fcdac
date
Tue, 06 Feb 2024 21:14:30 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3i4A3FEXEuSPsssfoFMMyjlGL%2BWuAFKpNSYfl8H593TYHZ3aXm2kACW6fWq8h%2BsLtDqimJoSMVGSHkuBCQe5s1rTegom264X3%2BwNUc7gOurFecZcicLDSxPke15B53FVSYHuSw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://totalnicenewz.com
access-control-allow-credentials
true
cf-ray
85166732be5943d4-EWR
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/ 		65 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=778842621920677908&var=6634689
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778842621920677908&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d5d132d5e82f5a6853b674d6f147140725d697c9b3579effa5c6a0ada71014c8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:30 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://totalnicenewz.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
rhd
totalnicenewz.com/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/rhd?rb=gvlfBaFkfmLA5gD3P9hXuIAXPuGNpwFY50pTj8aUfuKJ3d16LnWXbaIoJvLIC-0cBK1cySimC72onP6M7L3XMF-zKwy91hhb7x0CqC88J_JckzIWlg6z6aPYLa1AzqF82EmducvOGdnSjE7YqfsuRmiBcZd9QtgcV8sFHB4gCHxcrTXRCNNKRTP2Kzb39URtfRE1iTlrg0RLZ3QEd5DR37hQlWSJXJx0TKsKKvQHoJ0n91f9v2sqT-SHzPuKVYgENN5x7niUWGVMvb3SXkMlc-1QuGFr4CeIKovg2rbmRqgF2wZHVPz75wZ5FsOh5vRKfocMklZuipjOAAKXo7_CLZK9xP15jnugZOXchFb8MMks2KAhfxMkvub1szEdvf_nGNdTF_KLAioTEHiIniS-agHS5NYoxiAbdrcwecW0QF1ub5VCy9I2xDpbV1q3DstWqrGKcplJUTQIdjmxyVPlBNnmzGdjcOdVe46YptONGIz9qGzBJtzsr6fj0bYqxRGxYEbnIDls1fvRzgE5UDU48l4WayBnpQXO&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Ftotalnicenewz.com%2F%3Fs%3D778842621920677908%26ssk%3Defcc456be59dc0443dbb3fe7f11e676f%26svar%3D1707254069%26z%3D6634689%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6634689&var3=778842621920677908&ymid=&rhd=1&m=link
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:30 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
4abf9d63a626f468318c265af07e12e1
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSRBB6RZZgWbzem9DhaF2FmN9RcFeT%2BgK3uGOnycTuEcftiLqi0Fn4VYmNMgyZrywCdJnWL1bOtNHLQw1boLTlFFMBWW5AOzbba5mEHrs4X7qHbqJTuxd4DTzD5cYIPBfQZQNA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85166732ee7b43d4-EWR
expires
Tue, 11 Jan 1994 10:00:00 GMT
zone
totalnicenewz.com/ 		796 B
978 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totalnicenewz.com&var=6634689&ymid=778842621920677908&var_3=&var_4=&dsig=&tg=1&sw=3.1.477&trace_id=d9a0525a-3778-4114-be30-25467cda9eda&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778842621920677908&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:30 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
b4100ecbee871a5e85463a52a63ca4a3
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfEybl25yDlxV6eLJESkU8fIrFg6olsc1MwgeVMCHcxXtncLbks63yGCnBvcjUVXCafJd3rB7U0fVulh2IRrqtNYPzdEmWossXRTewKoM5RdTgjDAdzaeYEJ%2Flu5eql3bxv5FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
85166732ee8f43d4-EWR
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
/
totalnicenewz.com/ 		40 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
c7623f78c48eb0bd7a7c5eb612f76df48db68d23fc83bdc193f62c15c035b33a

Request headers

Referer
https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
851667335f1743d4-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 06 Feb 2024 21:14:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYEwpQQJnviCIUJVPvIwKKJ06RDWfju10%2F9d6themK8cBQPQvC9VtbfQ245B7bBhUjUM3ysiNFsLWi3ayRH6mKRk3tAUnHltAb99aXOOjnKSb2WyNVklak1PgETC2XNKjyb7xA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
micro.tag.min.js
totalnicenewz.com/pfe/current/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778842621920677908&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc5f2967a33d6cd3df5091e31bd1fecb3d19094ba3f563fe26287a8ce7117b7f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 21:14:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Jan 2024 09:37:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b22bc5-704a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bc8XMfyXkomWQRrfqK3pFRBmvvSPO%2FEareL%2FfJUgb2xQgX31HY8Y6tTsRDPrThAhjIQetvdgeZRWoozLOclgeytneFNzYTY8eKqx4G8TS%2BQ%2F8s974joSb3As2%2B4R6En6%2B7DrdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
85166734587d43d4-EWR
alt-svc
h3=":443"; ma=86400
/
totalnicenewz.com/19/4662728/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/19/4662728/?abt_opts=1&var=6634689&var3=778842621920677908&ymid=&rhd=1
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6b521ede30a447e49737626a863c172251ebfffaa0bb92e1b226a7cf77608a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:30 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
74a90f070ea6eefd1166dd4c07e792dd
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOj5YkyVUXYD7d5OS54L6sZQWOThscIZERkAaV0o3td7WCPyINIlC1Q3ZXxSHINOqEZCV%2FZvjvcH3W9sad73nDA4rDXWrPehZDAjMz%2B5kmqGZmcqsgUKmvqHJwFwlcbhcFZr%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85166734588143d4-EWR
expires
Tue, 11 Jan 1994 10:00:00 GMT
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
totalnicenewz.com/ 		2 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2&mprtr=1
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rc3vt6PS%2FgjUH1uJmUrGuZGyGR3sqi8KhvRjCxwJSHrTW5sDgd%2BmFoUOYukbxKsSayvqdIV4V90tnLIR68jt4zhie%2BYCbk6NRJwzGeU%2FCVsWkZVAEDpLUhR6na20CEHFqYwKyw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
85166734688b43d4-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
4662709
totalnicenewz.com/sw-check-permissions/ 		0
955 B 		Other
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/sw-check-permissions/4662709?var=6634689&ymid=778842621920677908&uhd=1&zoneId=4662709
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778842621920677908&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfE2FpPQy9%2B83zpeg0E2fXtaO1Hjt8uDrcHNJ4V9Z6wZZGtGezFmLH7KswrHAw9NycvlcqRE81g80i4J62NBQB5gUG1vfGdvj9OJsB34QTXBJ%2B1vWaKT4ID%2F565GDFsIImoX6g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
8516673589e543d4-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
totalnicenewz.com/ 		0
494 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totalnicenewz.com&var=6634689&ymid=778842621920677908&var_3=&var_4=&dsig=&tg=1&sw=3.1.477&trace_id=07139bfd-25a0-4c73-a323-f17f2e8e9f5b&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778842621920677908&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-trace-id
e44458c17640c5bc26e5a857a161fe93
date
Tue, 06 Feb 2024 21:14:30 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4EVRIAovHHSdbqziRI0%2F9UK89oGYMz4pzuTHhOSRC0B0aM9GeJ0mnS6dyAO9YkmCtecGhBbuwqbPPTj1CStRXwZNLH9cDOVWsDy6PHSRz2yJ5KK0DBTLb7GI%2Fe7wAUFzE9BBA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://totalnicenewz.com
access-control-allow-credentials
true
cf-ray
8516673589e743d4-EWR
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/ 		65 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=778842621920677908&var=6634689
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778842621920677908&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d5d132d5e82f5a6853b674d6f147140725d697c9b3579effa5c6a0ada71014c8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:30 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://totalnicenewz.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
totalnicenewz.com/ 		796 B
981 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totalnicenewz.com&var=6634689&ymid=778842621920677908&var_3=&var_4=&dsig=&tg=1&sw=3.1.477&trace_id=07139bfd-25a0-4c73-a323-f17f2e8e9f5b&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778842621920677908&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52f809a027f33d0085ab318e5877b51537af799f15847721d347f722e6270db5
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:30 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
d22429933c60dce62201819d416181e2
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opW1duCVYKWjV3wdNfn2Xs7qvyngdqvJrlwTSU3nu1DpDixxOgwK7RoJdts8kMZne1jWoPXfuX%2FOmxu4y%2FpVy2cO%2Boxuio5FoZhCbB6Yxs2xrYsWoyhlyucp974ZZJeTz38NQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
85166735aa1c43d4-EWR
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
/
totalnicenewz.com/submenu/4662728/ 		33 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6634689&var3=778842621920677908&oaid=783b82062a1a29f02b8f762106184a1b
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7dbc52b6251e2de98528b3e603c7f507dcc0e2a6a3a2f416bc4e80a4041cf73
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
851667393e8043d4-EWR
content-encoding
gzip
content-type
text/html; charset=utf8
date
Tue, 06 Feb 2024 21:14:31 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTinYmBju5kqFkITDX%2Fe0lHOvytALe9usWzURuG2xwmHzyL0bL8KIStmOVTjLUJOlnSt7o2RsrmdQBHrkREdMLME1FDks6k81xEFqdXuemOQodWWyksnX%2BS02N2M8pLoDC4MzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-trace-id
d740f163952d0ff24e2715beadbfa243
sftouch
totalnicenewz.com/ 		2 B
773 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/sftouch?userId=783b82062a1a29f02b8f762106184a1b&z=4662728&p_rid=e2d50c0d-31bf-4df7-b19a-d865f66d10e4&p_src=sf&branchId=0&rb=t8Fl7HwN5Fp8hFSQt2M6iOlz9_5GgzPPy6G-NV_Iuut6JfOIa73BKSdEo6J-gQrvoAK8u9sNkGd1PgNVPEaPoBsU-DGz5yi4TPnkph08VSCm0NrMgazk4PMjhUQ6FX0gAvSxbC3GdolUnB6WRnWQbOFwLwa58TCTD5qLkKPfDL8F8B5dGypJLF_zzyP9VVeP9ez9h2OsbkZu0QnlWk-F8TlPgpkBWdO_FcdW73uioQy1xCsHyh68uJYTEC5ZwIFOK4TdoocIlPcETjuNlEsXX1Fpw6ko119lWjpCA7_nZS9oCzUO1Az4r-TSc9BsPGzKFQlnYb5sbOg=
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6634689&var3=778842621920677908&oaid=783b82062a1a29f02b8f762106184a1b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6634689&var3=778842621920677908&oaid=783b82062a1a29f02b8f762106184a1b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:31 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2
x-trace-id
ac632b220152d7f2df5baf3cc83349fc
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://totalnicenewz.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvvLLo%2FlduUeilFhZhY8PrXX4s1aH%2FKWxNxak%2FtoyEeMFMhQp5W8DAeONKc6qIsmtn3IstoXLj56ChG5wAHYkvwhOh7KzTqa%2FyuK3Eju6l%2BdPBDm5sGKgmdgpXxCmzwU5iXcbg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85166739ff3643d4-EWR
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/ 		43 B
507 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=783b82062a1a29f02b8f762106184a1b&z=4662728&p_rid=e2d50c0d-31bf-4df7-b19a-d865f66d10e4&p_src=sf
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6634689&var3=778842621920677908&oaid=783b82062a1a29f02b8f762106184a1b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:31 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://totalnicenewz.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
datatechone.com/log/ 		2 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=4fb50f2b-59a7-49c2-bee2-0e5e78f999de
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6634689&var3=778842621920677908&oaid=783b82062a1a29f02b8f762106184a1b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://totalnicenewz.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 06 Feb 2024 21:14:31 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://totalnicenewz.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
Primary Request lander-1
equi5.subsidyaid.com/
Redirect Chain
  • https://totalnicenewz.com/rhd?z=4662728&syncedCookie=false&rhd=true
  • https://track.additionalbenefits.org/742ca7d8-c5c4-499a-a412-67ea49912e87?zoneid=4662728&bannerid=20248186&zonetype={zone_type}&campaignid=7898133&device=desktop&region=fl&isp=781237823&source=PR2&...
  • https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=...
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
d3856b4d11d76e6f4fa87973b4ec83dd6ef0e9cb6eeda65b884727f33512fc4b

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://totalnicenewz.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-length
1336
content-type
text/html
date
Tue, 06 Feb 2024 21:14:31 GMT
etag
"65c173d3-538"
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Tue, 06 Feb 2024 21:14:31 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
pragma
no-cache
server
nginx
css2
fonts.googleapis.com/ 		3 KB
847 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=DM+Sans:opsz,wght@9..40,300;9..40,400;9..40,500;9..40,600&display=swap
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83b78ab2ca543f34ac77a105efaff8fd77bbdba44939b8be442a1bcc85f14cb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Feb 2024 21:14:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 21:07:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Feb 2024 21:14:31 GMT
scripts.js
equi5.subsidyaid.com/scripts/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://equi5.subsidyaid.com/scripts/scripts.js
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
b416c2ebf4b4d4e71bd515a35a15f45da09c708728cfedb05dc3ed2902fc68dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:31 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-2e69"
content-length
11881
content-type
application/javascript
main.8472d217.js
equi5.subsidyaid.com/static/js/ 		776 KB
777 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://equi5.subsidyaid.com/static/js/main.8472d217.js
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
176f2cb0f7d0d607cf3903b22162cec1387e1cfbf363d76b29a2870ee1146128

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:31 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-c1ea1"
content-length
794273
content-type
application/javascript
main.6df79cac.css
equi5.subsidyaid.com/static/css/ 		17 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://equi5.subsidyaid.com/static/css/main.6df79cac.css
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
7ee7f061f864c34e21a8a9c0a753ec7e61415a7032fc0b04cc784c0134956db0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:31 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-43ca"
content-length
17354
content-type
text/css
fbevents.js
connect.facebook.net/en_US/ 		214 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Feb 2024 21:14:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
mfc684BFy+RNBDZ2XTZV4U68lBuEx7gmp+JvPmu74tIf7G+oayxUN87/SUXFcSSU+dcgrNLDfDjjSyMYnC/AlA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W8XQHMBR
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e2166b2470e0d750df08d439a5630ad8303285a24821f75a69ee52cb90a4e6ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45206
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Feb 2024 21:14:32 GMT
banner_shape_3.6cde1a3669b1a621d6e6.webp
equi5.subsidyaid.com/static/media/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/banner_shape_3.6cde1a3669b1a621d6e6.webp
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/css/main.6df79cac.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
fbefb53e718f4e5f3c2d02656af3678f10b9388a82511855617830f58cd98f61

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/static/css/main.6df79cac.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:32 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-e908"
content-length
59656
content-type
image/webp
rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v14/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v14/rP2Hp2ywxg089UriCZOIHQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:opsz,wght@9..40,300;9..40,400;9..40,500;9..40,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef3e7e94fc36d961b807c8fa6c2bbbd5cf60a746a95c0d01f331d847156b198c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://equi5.subsidyaid.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:14:55 GMT
x-content-type-options
nosniff
age
475177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62704
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 22:05:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Jan 2025 09:14:55 GMT
logo.46a0b122f586f8f63c5a.png
equi5.subsidyaid.com/static/media/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/logo.46a0b122f586f8f63c5a.png
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
ef6ebebb5f3b1f249439235c20ce8b7b4da09b4865c7e02cc508b70bfaf54cf9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:32 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-97df"
content-length
38879
content-type
image/png
subsidycard.b137d19491cceaeca436.webp
equi5.subsidyaid.com/static/media/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/subsidycard.b137d19491cceaeca436.webp
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
1121f900845e1e1d10a24d0ebeca2cba7980de8b55118546879a2e1a54b638d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:32 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-6ffc"
content-length
28668
content-type
image/webp
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a65df679865cbe83d89e0edcd0f684ea66169fedee5b420cf1b6544e9fa13845

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
news-logo02.ec6acd0201605b43bc54.png
equi5.subsidyaid.com/static/media/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/news-logo02.ec6acd0201605b43bc54.png
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
0e4b455181a5b285f26758971d8f0b47ee821307adfbf91b6c75602f50c94a0d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:32 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-5c8e"
content-length
23694
content-type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74e959bdf6b08b492e3b51a00f380ec6dc909967a3e3bdc62f90f9921c77d251

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa9bb74cb885084014960f08e9bcd5fff5eaff8575dc00dd3e70d0a21a426a4a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7ac9ad730d43956d46938079899f41f83714aa8e8affc90186373773c528706

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
news-logo06.0fc68c2f7481ac435f98.png
equi5.subsidyaid.com/static/media/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/news-logo06.0fc68c2f7481ac435f98.png
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
dbc384bd02b57754a0bfab2891767aa3fa65100af6f9e7947c09eef292606d0f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:32 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-5909"
content-length
22793
content-type
image/png
002-basket.8e956a38db2baa6a51c4.webp
equi5.subsidyaid.com/static/media/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/002-basket.8e956a38db2baa6a51c4.webp
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
5b8e5d2f27e9fb10aae3edb56fc9134aed9ab59317b7a1fbc7f19bdaca05ffbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:32 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-1914"
content-length
6420
content-type
image/webp
003-rent.90b97597dfbe45996927.webp
equi5.subsidyaid.com/static/media/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/003-rent.90b97597dfbe45996927.webp
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
41c5942b665b0d689809e54ad42a829ad7d05b465da0ef6a6834a73f3b40e6b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:32 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-a12"
content-length
2578
content-type
image/webp
001-gas-pump.da372692325fa1463351.webp
equi5.subsidyaid.com/static/media/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/001-gas-pump.da372692325fa1463351.webp
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
07edc267cf6450c21b85b43d498632665b785593860e4ea9911219d890179863

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:32 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-d8a"
content-length
3466
content-type
image/webp
004-online-shopping.014c367a742b5cbdcff8.webp
equi5.subsidyaid.com/static/media/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/004-online-shopping.014c367a742b5cbdcff8.webp
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
ddb682b2e3d2ac7f1e637ed27a3b98f4b88145dd09742da03c35ee597b1df525

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:32 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-b72"
content-length
2930
content-type
image/webp
trustpilot-logo.228391ce98bdfb1e17b4.png
equi5.subsidyaid.com/static/media/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/trustpilot-logo.228391ce98bdfb1e17b4.png
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
ddf815a7a7b5ad1e87132638f5d141599075d6f61a5700e21dfd5e44209253ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:32 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-10dd6"
content-length
69078
content-type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e53d918f1e31a51d64f9780fa1c4d91fcac71db9c13fcb9194d633213158bc7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		813 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee82b191319cab951f67e31261e7c36a53bc0b49fe818f7523614140385b4c2e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02643c4790593efc994305a03557d68b339e66b3e1dbd390ff10726430dea506

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3b59ed497b64917f794e3ee961cbf9dfc4ff6ca5033f9b28d8e76b0c0a2623d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/jpeg
1a755a5e-8811-4c48-9393-d8531031bb48
https://equi5.subsidyaid.com/ 		10 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://equi5.subsidyaid.com/1a755a5e-8811-4c48-9393-d8531031bb48
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ca3d44191e822500b330ae74a7b981fddc94188da2e683a1e1508fd188d2b1b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
10285
Content-Type
ringba.com.js
js.callcdn.com/js_v3/min/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.callcdn.com/js_v3/min/ringba.com.js
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/js/main.8472d217.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:2400:9:5bab:8100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1b35261b95ec779b25d6a27b1b2c1c2d6f1c08f329ffd643478ad63d7ddcdea0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:10:58 GMT
content-encoding
gzip
via
1.1 005b0f8dc37e46fc9bdc40ea2ce8a602.cloudfront.net (CloudFront)
last-modified
Wed, 10 Jan 2024 15:58:04 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
JFK50-P1
age
32626
x-powered-by
ASP.NET
etag
W/"0ce63cbdd43da1:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
9gOq28CY14mZCVN1L3Pw3uHAQLVnZ4HOz9imxHShvQFLbX-9Hf_47w==
/
api.ipify.org/ 		22 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/js/main.8472d217.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.185.227.156 New York, United States, ASN18450 (WEBNX, US),
Reverse DNS
api.ipify.org
Software
nginx/1.25.1 /
Resource Hash
aa1ca7a298c05fcd0b150c05da0bfaae7c50d2a762631fcaaefb0c40b4806767

Request headers

Accept
application/json, text/plain, */*
Referer
https://equi5.subsidyaid.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Feb 2024 21:14:32 GMT
Server
nginx/1.25.1
Connection
keep-alive
Content-Length
22
Vary
Origin
Content-Type
application/json
volumOfferScript.js
lander-main-microservice.netlify.app/ 		2 KB
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lander-main-microservice.netlify.app/volumOfferScript.js
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/js/main.8472d217.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:16e:df02::64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
789b421b522b89a400280aaaed0096fb4c36e54da676914528442495abe7d782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id
01HP04BH93BZT7QGF6ST2810PH
date
Tue, 06 Feb 2024 21:14:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
6211
cache-status
"Netlify Edge"; hit
etag
"93347be9e14a8b56ff0067ca578bcc32-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
722
ip
funnel.improveourcredit.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://funnel.improveourcredit.com/ip?key=askdjaslkdjaskjdsla
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/js/main.8472d217.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.154.135.87 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
87.135.154.104.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
24f3eec973f85eff1221c57c123ae764a8bd2bf3a92062c2654f247bb66717e1

Request headers

Accept
application/json, text/plain, */*
Referer
https://equi5.subsidyaid.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:14:32 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"6b4-GL7C1L+dz4SgLbzkOpVoCABYCSw"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
1716
1279112236350881
connect.facebook.net/signals/config/ 		53 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1279112236350881?v=2.9.145&r=stable&domain=equi5.subsidyaid.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f256c7613955dae449b7ba9d1f3be745949c30db8135da14b58a2ea2193f4652
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Feb 2024 21:14:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11162
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
wRhbRyLeDLtaoeGUS7YcLGMbmY7Jl1KPp1IbFl7h4XBXeuGFjri0RQ9baWV5nyAm5xbktXWfsfENi4LgIiCzJg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
473117f35950ebe0acb6f48663d946b9c1498abee246adff6824a8f6fa0db210

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1279112236350881&ev=PageView&dl=https%3A%2F%2Fequi5.subsidyaid.com%2Flander-1%3Fvl_click_id%3Dw6nbpou525j7fd0v2u4sltc2%26utm_source%3DPR2%26utm_medium%3Dpush%26utm_campaign%3D7898133%26utm_adset%3D781237823%26utm_ad%3D20248186%26site_id%3D%257Bzone_type%257D%26placement%3D_removed_%26externalclickid%3D778842629512376637%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522restrictedParams%2522%253A%255B%25221480fb125459cbca6cff13fbac5d846220d91cf906e466eb2842ef350878138b%2522%255D%257D&rl=&if=false&ts=1707254072629&cd[eventID]=EVENT_IDB0CF65F7-224A-4788-A3CD-92714CBBE735.F715D95C-DE45-4A98-9F00-442D7F8239C0&sw=1600&sh=1200&v=2.9.145&r=stable&ec=0&o=4126&fbp=fb.1.1707254072625.225942359&ler=empty&cdl=API_unavailable&it=1707254072339&coo=false&up_url=&rp_url=1480fb125459cbca6cff13fbac5d846220d91cf906e466eb2842ef350878138b&exp=e1&rqm=GET
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=w6nbpou525j7fd0v2u4sltc2&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778842629512376637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 06 Feb 2024 21:14:32 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
gnbulk
display.ringba.com/v2/nis/ 		396 B
787 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.ringba.com/v2/nis/gnbulk
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/js/main.8472d217.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.77.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-77-77.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
80abedca3ba299cc7906050a0256e9556544e1096a5cb24ddb6842bf6cbb029f

Request headers

Referer
https://equi5.subsidyaid.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Feb 2024 21:14:32 GMT
X-Runtime
0.0010
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Max-Age
300
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://equi5.subsidyaid.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
396
Expires
-1
.js
track.subsidyaid.com/d/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.subsidyaid.com/d/.js?oref=&ourl=https%3A%2F%2Fequi5.subsidyaid.com%2Flander-1%3Fvl_click_id%3Dw6nbpou525j7fd0v2u4sltc2%26utm_source%3DPR2%26utm_medium%3Dpush%26utm_campaign%3D7898133%26utm_adset%3D781237823%26utm_ad%3D20248186%26site_id%3D%257Bzone_type%257D%26placement%3D4662728%26externalclickid%3D778842629512376637&opt=subsidyaid.com&vtm=1707254072634
Requested by
Host: lander-main-microservice.netlify.app
URL: https://lander-main-microservice.netlify.app/volumOfferScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.232.110.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-110-131.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2f173c916b1212cc137914cb7cce49b8a8d006d735e81fabcd93c527603923cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 21:14:32 GMT
server
nginx
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
1150
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
o4506236711272448.ingest.sentry.io/api/4506247999520768/envelope/ 		198 B
590 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o4506236711272448.ingest.sentry.io/api/4506247999520768/envelope/?sentry_key=af570c650df8c0a8b2bf41eb906104b8&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.1
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/js/main.8472d217.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://equi5.subsidyaid.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 06 Feb 2024 21:14:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-sentry-rate-limits
60:transaction;profile:organization:transaction_usage_exceeded
retry-after
60

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
my.rtmark.net
URL
https://my.rtmark.net/img.gif?f=merge&userId=be6d55f64af242acaaccea5cb7fda7d1

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| domain_settings function| fbq function| _fbq string| fbPixelId function| fbcFunc boolean| facebookPixelLoaded object| dataLayer object| _rgba_tags object| __SENTRY__ object| _rgba object| google_tag_manager object| google_tag_data object| ringba function| dtpCallback string| pnumber

28 Cookies

Domain/Path Name / Value
ak.peethach.com/ Name: OAID
Value: be6d55f64af242acaaccea5cb7fda7d1
ak.peethach.com/ Name: oaidts
Value: 1707254069
totalnicenewz.com/ Name: OAID
Value: 783b82062a1a29f02b8f762106184a1b
my.rtmark.net/ Name: ID
Value: 783b82062a1a29f02b8f762106184a1b
totalnicenewz.com/ Name: syncedCookie
Value: true
totalnicenewz.com/ Name: prefetchAd_4662728
Value: true
totalnicenewz.com/ Name: reverse
Value: kOi5VqzbR-Z9-x40I3VP2jPPgI0v3wDWBRCkbRpn0gM
totalnicenewz.com/ Name: oaidts
Value: 1707254071
.track.additionalbenefits.org/ Name: 742ca7d8-c5c4-499a-a412-67ea49912e87-v4
Value: kBRnC80XvL4q9duj3bJvjzYvXgAWk0LtWbXpgRmN1Wc
.track.additionalbenefits.org/ Name: cc-v4
Value: hzicHeOzLqkp%2BhzyQCHwMjshsEIGP8s%2Bo27hRh3s%2BZmlri28Uc92ukZEAOECMxnXnpGL1A8NjiKMEceT6i2qM8Gs4%2FLVt34kWDF8bnuUo8B452cv%2BTMkWbcO030m69In9Awc2NPckAfIFfYVNHC8qg%3D%3D
equi5.subsidyaid.com/ Name: eventID
Value: EVENT_IDB0CF65F7-224A-4788-A3CD-92714CBBE735.F715D95C-DE45-4A98-9F00-442D7F8239C0
.equi5.subsidyaid.com/ Name: eventID
Value: EVENT_IDB0CF65F7-224A-4788-A3CD-92714CBBE735.F715D95C-DE45-4A98-9F00-442D7F8239C0
.equi5.subsidyaid.com/ Name: visitor_id
Value: VISITOR_IDA1F175F3-7C3C-4D31-AAC2-6D42E4C7FFF9.6B50EAF3-9DFA-4605-8E84-BAFBA3BFAA3E
.subsidyaid.com/ Name: eventID
Value: EVENT_IDB0CF65F7-224A-4788-A3CD-92714CBBE735.F715D95C-DE45-4A98-9F00-442D7F8239C0
equi5.subsidyaid.com/ Name: gclid
Value: null
.subsidyaid.com/ Name: gclid
Value: null
equi5.subsidyaid.com/ Name: grbaid
Value: null
.subsidyaid.com/ Name: grbaid
Value: null
equi5.subsidyaid.com/ Name: wbraid
Value: null
.subsidyaid.com/ Name: wbraid
Value: null
equi5.subsidyaid.com/ Name: acc_id
Value: null
.subsidyaid.com/ Name: acc_id
Value: null
equi5.subsidyaid.com/ Name: placement
Value: 4662728
.subsidyaid.com/ Name: placement
Value: 4662728
equi5.subsidyaid.com/ Name: visitor_id
Value: [object%20Object]
.subsidyaid.com/ Name: visitor_id
Value: [object%20Object]
.subsidyaid.com/ Name: _fbp
Value: fb.1.1707254072625.225942359
equi5.subsidyaid.com/ Name: vl-cid
Value: w6nbpou525j7fd0v2u4sltc2

10 Console Messages

Source Level URL
Text
other warning URL: https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/?s=778842621920677908&ssk=efcc456be59dc0443dbb3fe7f11e676f&svar=1707254069&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/afu.php?zoneid=4662728&var=4662728&rid=01rRcJlUYhuPvc1Bl3BO0Q%3D%3D&rhd=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/afu.php?zoneid=4662728&var=4662728&rid=01rRcJlUYhuPvc1Bl3BO0Q%3D%3D&rhd=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1279112236350881?v=2.9.145&r=stable&domain=equi5.subsidyaid.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://o4506236711272448.ingest.sentry.io/api/4506247999520768/envelope/?sentry_key=af570c650df8c0a8b2bf41eb906104b8&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.1
Message:
Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ak.peethach.com
api.ipify.org
connect.facebook.net
datatechone.com
display.ringba.com
equi5.subsidyaid.com
fonts.googleapis.com
fonts.gstatic.com
funnel.improveourcredit.com
js.callcdn.com
lander-main-microservice.netlify.app
my.rtmark.net
o4506236711272448.ingest.sentry.io
totalnicenewz.com
track.additionalbenefits.org
track.subsidyaid.com
www.facebook.com
www.googletagmanager.com
my.rtmark.net
104.154.135.87
139.45.195.253
139.45.195.8
172.64.204.9
23.46.156.160
2600:1f18:16e:df02::64
2600:9000:23cb:2400:9:5bab:8100:93a1
2607:f8b0:4006:809::2003
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2008
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
34.120.195.249
34.123.196.68
34.232.110.131
54.197.77.77
64.185.227.156
02643c4790593efc994305a03557d68b339e66b3e1dbd390ff10726430dea506
07edc267cf6450c21b85b43d498632665b785593860e4ea9911219d890179863
0e4b455181a5b285f26758971d8f0b47ee821307adfbf91b6c75602f50c94a0d
1121f900845e1e1d10a24d0ebeca2cba7980de8b55118546879a2e1a54b638d9
176f2cb0f7d0d607cf3903b22162cec1387e1cfbf363d76b29a2870ee1146128
1b35261b95ec779b25d6a27b1b2c1c2d6f1c08f329ffd643478ad63d7ddcdea0
24f3eec973f85eff1221c57c123ae764a8bd2bf3a92062c2654f247bb66717e1
2ca3d44191e822500b330ae74a7b981fddc94188da2e683a1e1508fd188d2b1b
2f173c916b1212cc137914cb7cce49b8a8d006d735e81fabcd93c527603923cf
41c5942b665b0d689809e54ad42a829ad7d05b465da0ef6a6834a73f3b40e6b3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
473117f35950ebe0acb6f48663d946b9c1498abee246adff6824a8f6fa0db210
4b6b521ede30a447e49737626a863c172251ebfffaa0bb92e1b226a7cf77608a
52f809a027f33d0085ab318e5877b51537af799f15847721d347f722e6270db5
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
5b8e5d2f27e9fb10aae3edb56fc9134aed9ab59317b7a1fbc7f19bdaca05ffbc
5e53d918f1e31a51d64f9780fa1c4d91fcac71db9c13fcb9194d633213158bc7
74e959bdf6b08b492e3b51a00f380ec6dc909967a3e3bdc62f90f9921c77d251
789b421b522b89a400280aaaed0096fb4c36e54da676914528442495abe7d782
7ee7f061f864c34e21a8a9c0a753ec7e61415a7032fc0b04cc784c0134956db0
80abedca3ba299cc7906050a0256e9556544e1096a5cb24ddb6842bf6cbb029f
83b78ab2ca543f34ac77a105efaff8fd77bbdba44939b8be442a1bcc85f14cb2
858934fe6f73f6f9790690ffad9db2a7b5eaf134d732338b24b6e46dc4c55cdb
a65df679865cbe83d89e0edcd0f684ea66169fedee5b420cf1b6544e9fa13845
aa1ca7a298c05fcd0b150c05da0bfaae7c50d2a762631fcaaefb0c40b4806767
ac3ba2682d0374dddf34975ff2bb89421d8e122ee3477f0f5149c61bfd7855bf
b3b59ed497b64917f794e3ee961cbf9dfc4ff6ca5033f9b28d8e76b0c0a2623d
b416c2ebf4b4d4e71bd515a35a15f45da09c708728cfedb05dc3ed2902fc68dd
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
c7623f78c48eb0bd7a7c5eb612f76df48db68d23fc83bdc193f62c15c035b33a
cc5f2967a33d6cd3df5091e31bd1fecb3d19094ba3f563fe26287a8ce7117b7f
d3856b4d11d76e6f4fa87973b4ec83dd6ef0e9cb6eeda65b884727f33512fc4b
d5d132d5e82f5a6853b674d6f147140725d697c9b3579effa5c6a0ada71014c8
dbc384bd02b57754a0bfab2891767aa3fa65100af6f9e7947c09eef292606d0f
ddb682b2e3d2ac7f1e637ed27a3b98f4b88145dd09742da03c35ee597b1df525
ddf815a7a7b5ad1e87132638f5d141599075d6f61a5700e21dfd5e44209253ba
e2166b2470e0d750df08d439a5630ad8303285a24821f75a69ee52cb90a4e6ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ac9ad730d43956d46938079899f41f83714aa8e8affc90186373773c528706
e7dbc52b6251e2de98528b3e603c7f507dcc0e2a6a3a2f416bc4e80a4041cf73
ee82b191319cab951f67e31261e7c36a53bc0b49fe818f7523614140385b4c2e
ef3e7e94fc36d961b807c8fa6c2bbbd5cf60a746a95c0d01f331d847156b198c
ef6ebebb5f3b1f249439235c20ce8b7b4da09b4865c7e02cc508b70bfaf54cf9
f256c7613955dae449b7ba9d1f3be745949c30db8135da14b58a2ea2193f4652
fa9bb74cb885084014960f08e9bcd5fff5eaff8575dc00dd3e70d0a21a426a4a
fbefb53e718f4e5f3c2d02656af3678f10b9388a82511855617830f58cd98f61