freedomheadlines.com Open in urlscan Pro
2606:4700:3030::6815:2278 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mailz.leafybranch.com/index.php/campaigns/ht7504drhm028/track-url/rp823kg8md5c5/0.35966528134263465
Effective URL:
https://freedomheadlines.com/
Submission: On February 11 via api (February 11th 2024, 10:13:44 pm UTC) from US — Scanned from US

Summary HTTP 102 Redirects Behaviour Indicators

Summary

This website contacted 31 IPs in 3 countries across 25 domains to perform 102 HTTP transactions. The main IP is 2606:4700:3030::6815:2278, located in United States and belongs to CLOUDFLARENET, US. The main domain is freedomheadlines.com.
TLS certificate: Issued by GTS CA 1P5 on January 22nd 2024. Valid for: 3 months.

This is the only time freedomheadlines.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2600:3c00::f0... 2600:3c00::f03c:93ff:fe39:3408	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
52	2606:4700:303... 2606:4700:3030::6815:2278	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21d... 2600:9000:21dd:5400:b:6268:b880:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4006:809::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:247... 2600:9000:247b:c800:3:7df3:55c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
1	34.149.139.129 34.149.139.129	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::9a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:251... 2600:9000:2511:ea00:a:e047:753:eb41	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	108.138.128.34 108.138.128.34	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.85.196.253 54.85.196.253	14618 (AMAZON-AES) (AMAZON-AES)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:4e9... 2600:1f18:4e9:5a05:c89c:b2af:dcc6:f0ac	14618 (AMAZON-AES) (AMAZON-AES)
1 2	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3 4	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
102	31

2 2600:3c00::f03c:93ff:fe39:3408 (Richardson, United States) 2 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)

mailz.leafybranch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2606:4700:3030::6815:2278 (United States)

ASN13335 (CLOUDFLARENET, US)

freedomheadlines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:5400:b:6268:b880:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn1.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:809::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:247b:c800:3:7df3:55c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn2.decide.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.139.129 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 129.139.149.34.bc.googleusercontent.com

decide.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:ea00:a:e047:753:eb41 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-34.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.196.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-196-253.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a05:c89c:b2af:dcc6:f0ac (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.182.161 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.162 (Queens, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	freedomheadlines.com freedomheadlines.com	6 MB
10	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 649	71 KB
8	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 80 cm.g.doubleclick.net — Cisco Umbrella Rank: 258 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	172 KB
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2136 google-bidout-d.openx.net — Cisco Umbrella Rank: 2135 us-u.openx.net — Cisco Umbrella Rank: 530	2 KB
5	gstatic.com fonts.gstatic.com	160 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 3029	8 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	decide.dev cdn2.decide.dev — Cisco Umbrella Rank: 29810 decide.dev — Cisco Umbrella Rank: 23055	6 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 347	716 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 304	2 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 920	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 854 id5-sync.com — Cisco Umbrella Rank: 419	26 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	149 KB
2	leafybranch.com 2 redirects mailz.leafybranch.com	931 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 114	51 KB
1	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 493	604 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 667	13 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1287	6 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1783	8 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2476	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 314	901 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2735	3 KB
1	lockerdomecdn.com cdn1.lockerdomecdn.com — Cisco Umbrella Rank: 25292	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
0	jeeng.com Failed users.api.jeeng.com Failed
102	25

	Domain	Requested by
52	freedomheadlines.com	freedomheadlines.com
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	cm.g.doubleclick.net	3 redirects google-bidout-d.openx.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	gum.criteo.com	1 redirects static.criteo.net
2	us-u.openx.net	google-bidout-d.openx.net
2	match.adsrvr.org	2 redirects
2	s.amazon-adsystem.com	1 redirects google-bidout-d.openx.net
2	oajs.openx.net	1 redirects freedomheadlines.com
2	cdn2.decide.dev	cdn1.lockerdomecdn.com
2	www.googletagmanager.com	freedomheadlines.com www.googletagmanager.com
2	securepubads.g.doubleclick.net	freedomheadlines.com securepubads.g.doubleclick.net
2	mailz.leafybranch.com	2 redirects
1	mug.criteo.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	pagead2.googlesyndication.com
1	pr-bh.ybp.yahoo.com	google-bidout-d.openx.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	decide.dev	cdn2.decide.dev
1	cdn1.lockerdomecdn.com	freedomheadlines.com
1	fonts.googleapis.com	freedomheadlines.com
0	users.api.jeeng.com Failed	freedomheadlines.com
102	34

This site contains no links.

Subject Issuer	Validity	Valid
freedomheadlines.com GTS CA 1P5	`2024-01-22` - `2024-04-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.lockerdomecdn.com Amazon RSA 2048 M02	`2023-11-26` - `2024-12-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.decide.dev Amazon RSA 2048 M02	`2023-11-26` - `2024-12-25`	a year	crt.sh
decide.dev GTS CA 1D4	`2024-02-04` - `2024-05-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2024-01-22` - `2024-04-22`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-01-10` - `2024-06-26`	6 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://freedomheadlines.com/
Frame ID: B9783D42506B2D50436EB9FC13326ACD
Requests: 92 HTTP requests in this frame

Frame: https://decide.dev/lad/14729220068684902?pubid=ld-14729220068684902&pubo=https%3A%2F%2Ffreedomheadlines.com&rid=&width=1560&path=%2F&x=-100779&y=101199
Frame ID: F856F491B14D1160FB9429711F5A3927
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: BBA996FD5AAF74ED18DCA0B22CF4BE80
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html
Frame ID: F40241FCA0AC35BA27C19354B4E9C874
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=freedomheadlines.com&us_privacy=1---&gpp=&gpp_sid=-1
Frame ID: 8F936E9EF62731F75B36BBB3EE7164C8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Freedom Headlines | Top Political News USA | USA Politics – Freedom headlines provide the latest political news in the USA. Read the trending today news headlines in usa and find the best news about the politics.

Page URL History Show full URLs

http://mailz.leafybranch.com/index.php/campaigns/ht7504drhm028/track-url/rp823kg8md5c5/0.35966528134263465 HTTP 301
https://mailz.leafybranch.com/index.php/campaigns/ht7504drhm028/track-url/rp823kg8md5c5/0.35966528134263465 HTTP 302
https://freedomheadlines.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

102
Requests

93 %
HTTPS

59 %
IPv6

25
Domains

34
Subdomains

31
IPs

3
Countries

6679 kB
Transfer

8491 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mailz.leafybranch.com/index.php/campaigns/ht7504drhm028/track-url/rp823kg8md5c5/0.35966528134263465 HTTP 301
https://mailz.leafybranch.com/index.php/campaigns/ht7504drhm028/track-url/rp823kg8md5c5/0.35966528134263465 HTTP 302
https://freedomheadlines.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://oajs.openx.net/esp?url=https%3A%2F%2Ffreedomheadlines.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Ffreedomheadlines.com%2F&rid=esp&cc=1

Request Chain 86

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=541f3af0-b329-cb4d-19f3-a72c87cc0ee2 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=541f3af0-b329-cb4d-19f3-a72c87cc0ee2&dcc=t

Request Chain 87

https://match.adsrvr.org/track/cmf/openx?oxid=0cc9468d-af83-70b7-d9fd-25bbefffc502&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=0cc9468d-af83-70b7-d9fd-25bbefffc502&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=c9892ea7-01ec-44d2-b080-b7652ec979b6&ttd_puid=0cc9468d-af83-70b7-d9fd-25bbefffc502&gdpr=0&gdpr_consent=

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjBhNjk1NDctNjZmNC0yZTEzLWNjMWQtN2YwMjI1MWQwYjYy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjBhNjk1NDctNjZmNC0yZTEzLWNjMWQtN2YwMjI1MWQwYjYy&google_tc=

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENFDo0Wk_sHXISGbfkM16mw&google_cver=1

Request Chain 100

https://gum.criteo.com/sid/json?origin=publishertagids&domain=freedomheadlines.com&sn=ChromeSyncframe&so=0&topUrl=freedomheadlines.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=_pdgYXxjNTJ5YXViWGJPdVd1bWdpcGg3a0sxaVFoTFBCTW5vWDNUOGtRcmdJTjROSG4xZzBlT0JVL0ZEWlBQUUJEVjg2cEFuTC9iQ09EMjk1ZVZOWExNWXVWRTh3M2VOUHFsSmRNTlJwVzVpd1BJaGI0bzNSMXZVVUM5L2hPa0N0azJSajZFSHhmZjNlL2hPWnBycXZjenNONXFZWjYzYkNTcGVQS3FZOGJIOEZUcjR4TEt3bk5VaVQyb3V3bDlSVDArU3h3b0FQdVRabmZQOURyUkVWWHA2ZEtSZjFDRmc0dDhoR29kVUJkV1R0ZnAyS21GS0lxWkJyN081YWVHZ3pLWEdzQVovdi9iVFFrejk3NncrZnhyZThITnh2WWZCSVB5bTc5TWc0Y0NqVkREUT18&cppv=2

102 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
freedomheadlines.com/
Redirect Chain

http://mailz.leafybranch.com/index.php/campaigns/ht7504drhm028/track-url/rp823kg8md5c5/0.35966528134263465
https://mailz.leafybranch.com/index.php/campaigns/ht7504drhm028/track-url/rp823kg8md5c5/0.35966528134263465
https://freedomheadlines.com/

111 KB
17 KB

373ms
90ms

Document
text/html

2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomheadlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a9c296e741efdd14a3b5bd5daa4c977038b45df0c810f1315e9ebe0bd428937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 853ff08d0c424bbd-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 11 Feb 2024 22:13:32 GMT
fastcgi-cache: HIT
link: <https://freedomheadlines.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4F%2FxRbZPmSK6mrAVV%2Bl8PWciJFQiGse0L38DupALocVMGnDFrC8SO7ha1hzUoMeB0gN1juPm2BZQaGaVcugSVBPQD65z9GhjFp6Yh6Goj0r%2FEaiQ1Xa%2BmQlJc%2Fdn%2BKeWoiQwe2L4L4wr4fHefYyvjaoOrg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 11 Feb 2024 22:13:31 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Sun, 11 Feb 2024 22:13:31 GMT
Location: https://freedomheadlines.com/
Pragma: no-cache
Referrer-Policy: no-referrer
Server: Apache/2.4.56 (Debian)
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Robots-Tag: noindex
X-XSS-Protection: 1; mode=block

GET
H2 200 style.min.css
freedomheadlines.com/wp-includes/css/dist/block-library/ 81 KB
12 KB 58ms
52ms Stylesheet
text/css 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomheadlines.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.9

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 951189
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 02:17:02 GMT
server: cloudflare
etag: W/"6352011e-145db"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6AAQtzauvO89IVSDN7es%2BN8At8WGe0p%2BDMhzLT%2F8HArGbo8cyuhH1nfFfkPcBdMU6wFC6Tk95gesIfTveE9%2FbNYkDTwSkqzVZ36DsdVRobXtb%2F5OJG08bhY4sVGPKhB8GNonHrApFN5v8TxnfTXoVPgaA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 853ff08dcc924bbd-BUF
expires: Thu, 30 Jan 2025 17:47:14 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
freedomheadlines.com/wp-includes/js/mediaelement/ 11 KB
3 KB 56ms
51ms Stylesheet
text/css 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomheadlines.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6848407
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 02:17:01 GMT
server: cloudflare
etag: W/"6352011d-2bf8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wWt97q%2FiLaOSILhJ6eCxOPKR6KrGOimC0tAdh%2FBWVTL6B6Kwnh5JoE19h5JCepOcDw7iT9K6wdBfNAFsFyedqMZ0AXCF9Lw5%2FFBD45WcWmMkmiB9kpHAv1pGn3%2F5J0eVDd2RS6H9o5V8OO67lfdeDAbYg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 853ff08dcc934bbd-BUF
expires: Thu, 07 Nov 2024 13:02:07 GMT

GET
H2 200 wp-mediaelement.min.css
freedomheadlines.com/wp-includes/js/mediaelement/ 4 KB
1 KB 54ms
49ms Stylesheet
text/css 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomheadlines.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.9

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 951189
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 02:17:02 GMT
server: cloudflare
etag: W/"6352011e-105a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1qyISldo%2BKg%2F%2FWrePqizOfaIOLHauJA6MT%2BeYnCbCzm2Z8P0txQQdAKt7DCzXEaXY0qvRAWZFMX2zsKgEwJJfWze4%2B%2F30VzhDGApNgHk2Kqa4ROKdqty1YMCU6kP1dSQlOpaiezzfDD87cET85oOug4Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 853ff08dcc944bbd-BUF
expires: Thu, 30 Jan 2025 17:47:14 GMT

GET
H2 200 components.css
freedomheadlines.com/wp-content/themes/breena/inc/assets/css/ 52 KB
11 KB 59ms
55ms Stylesheet
text/css 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomheadlines.com/wp-content/themes/breena/inc/assets/css/components.css?ver=5.9.9

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76bbe117102ce802cd20b57f9722133d7924bb3395bfe201f8f0b515a81c46dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 951189
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 02:17:19 GMT
server: cloudflare
etag: W/"6352012f-cf80"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmYtu9jZU6c9WtTBV%2FZE1fEmXWWqowxHr5z8u6FetSFLcBSLzUdmy3U8oxKPHei3W%2FUxMmjpKDnwsagKlMTt%2Br1vz8HY1p1jZYDComqQ%2B0s3RhhOn5pnjTdyoYl9M1QxdBBIuhsGKwa6x3%2FdsbpI%2FLufVg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 853ff08dcc954bbd-BUF
expires: Thu, 30 Jan 2025 17:47:14 GMT

GET
H2 200 style.css
freedomheadlines.com/wp-content/themes/breena/ 106 KB
19 KB 86ms
82ms Stylesheet
text/css 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomheadlines.com/wp-content/themes/breena/style.css?ver=5.9.9

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f673a8adc98789a6eca1dd65c67fb782787f2571ba2730bb8c5f69bea7b5bc0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 780675
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 01:58:37 GMT
server: cloudflare
etag: W/"6351fccd-1a9ae"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dYnbmcB3BbZ2U761%2FM3CBKf5ToRelSq8SViawmybGdwvGulVa%2FpCDUuZszipfu%2Bd8tJ2sxXezg%2Bsbx7jYEn1otrgL3kPmpy46xJKU%2FjDn7B3qqU%2BRSIT7n81vD5HujJbuJJ9OSUlz2yVTPEq%2BLd9NURlA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 853ff08dcc964bbd-BUF
expires: Thu, 30 Jan 2025 17:47:14 GMT

GET
H2 200 responsive.css
freedomheadlines.com/wp-content/themes/breena/inc/assets/css/ 15 KB
3 KB 56ms
53ms Stylesheet
text/css 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomheadlines.com/wp-content/themes/breena/inc/assets/css/responsive.css?ver=5.9.9

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2e99d9f642cf26e56bad3ff3705fd8ab8ea028ffa302405d1642bb7456d796a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 951189
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 02:17:19 GMT
server: cloudflare
etag: W/"6352012f-3c33"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSezMyotDKD0n4IlIe8xSWSN%2Bw7nUe%2Bw%2FaS7cJ4RYPe6YQsbg4lioRb1SmgXUf1zp%2B7%2BCLYK%2F1NfLdcLX7z6g3FQag3kDH2u3bjYA4N0Pk06aLjydmtPzVMlpC%2BNsBr1c94%2B%2BGJ3OH0slc7U%2BQPByKmbVA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 853ff08dcc974bbd-BUF
expires: Thu, 30 Jan 2025 17:47:14 GMT

GET
H2 200 font-awesome.min.css
freedomheadlines.com/wp-content/themes/breena/inc/assets/css/font-awesome/css/ 30 KB
7 KB 84ms
80ms Stylesheet
text/css 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomheadlines.com/wp-content/themes/breena/inc/assets/css/font-awesome/css/font-awesome.min.css?ver=5.9.9

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 951189
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 02:17:20 GMT
server: cloudflare
etag: W/"63520130-7918"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wk9QeeTxrLpJnqjRv%2Fb5GPT9SDt1C30yB0DPLppHSOFTdAzDqbL8USj4p%2Fl6rDaRcKZrOqUUbRA5cjcFZvuE6Wj3fN2%2BW1HKXVxxsW8cI0j2O0aIa2Iw%2Ft7GAK8PQkR5ZGZIG%2BY1rifDVP6aObTRPM5Ydw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 853ff08dcc984bbd-BUF
expires: Thu, 30 Jan 2025 17:47:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 58 KB
3 KB 430ms
46ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CLato%3A300%2C300i%2C400%2C700&subset=latin%2Clatin-ext

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53516be0a9c5da939f915dd0b838deb739eade601227bcbecbbcd30f3aa141d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Feb 2024 22:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 11 Feb 2024 22:13:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Feb 2024 22:13:32 GMT

GET
H2 200 jquery.min.js Show response
freedomheadlines.com/wp-includes/js/jquery/ 87 KB
32 KB 86ms
83ms Script
application/javascript 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomheadlines.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 780675
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 02:17:02 GMT
server: cloudflare
etag: W/"6352011e-15db1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Wa6EzbvSDFaWG7Bhil%2FqvaQk0b2VWjRPEkx6QFe2q5Yu5CLH3%2FznD0okTxTFYadoPIeE5XKvN6B9yEUDLFQib6wQzNvQxR9xAvKBu6pIhubEXxd%2BSp3Q7%2FFCo2pQhuCS3RlLIWDU9v4lwF488mzl8pXPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 853ff08dcc994bbd-BUF
expires: Mon, 11 Nov 2024 13:10:50 GMT

GET
H2 200 jquery-migrate.min.js Show response
freedomheadlines.com/wp-includes/js/jquery/ 11 KB
5 KB 59ms
56ms Script
application/javascript 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomheadlines.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6349257
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 02:17:04 GMT
server: cloudflare
etag: W/"63520120-2bd8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZlABpEJpA82F3nIjIRGAjk43D7G4lk3xJN3J3WHCqKJPmsOTROjZatVRswnLsTmnlP9wAY80BoEbSDoGnzhtkadieCTSd8m4P6aE9rIYliA6ZxQEiBKlsptTihCvKpl8NzIJCfXVGWV%2FanR%2BA53rjYvPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 853ff08dcc9a4bbd-BUF
expires: Thu, 28 Nov 2024 12:19:58 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
30 KB 224ms
63ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15fdd50a7fe7f3a79e1115d84e5e2109bd20575700f293449dc33e50b54b7278

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29776
x-xss-protection: 0
server: cafe
etag: 396 / 19764 / 31081002 / config-hash: 3544666277437429358
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 22:13:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
69 KB 145ms
51ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-32644619-11

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

68e31ce0af00a64739c011e443360551f543cd78c0f6d8fa74782af0ed468ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 70760
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 11 Feb 2024 22:13:32 GMT

GET /
users.api.jeeng.com/users/domains/mO6DXK83XA/sdk/ 0
0

GET
H2 200 FH-2021-sized-1.jpg
freedomheadlines.com/wp-content/uploads/2021/01/ 28 KB
28 KB 56ms
54ms Image
image/jpeg 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2021/01/FH-2021-sized-1.jpg

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5f4f96e32a749a3c07b566aceb9b84a8445c71ca9713a4bfce9b7d28731fc33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 864753
alt-svc: h3=":443"; ma=86400
content-length: 28587
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 01:55:25 GMT
server: cloudflare
etag: "6351fc0d-6fab"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSTucuiadSD1haWewQfbllSexdB6INX3MfoyC8aAoUiG%2Bg0h6pXM60BNmmZNl9GjDjcrtRh7vZSjlHaefBgeNo2vlw3h%2BLGXMROZJfR3EYaEH2gq99O%2F25AA7HGJOYLgWetbk5Z%2BNx06vT8aDdpXT2YtQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff08dcc9b4bbd-BUF
expires: Tue, 12 Nov 2024 11:19:06 GMT

GET
H2 200 Screenshot-182-800x462.png
freedomheadlines.com/wp-content/uploads/2024/02/ 415 KB
416 KB 85ms
84ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-182-800x462.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3417f08a454ce5a2c9109fd0cb417546357afa78dd2571804c0fd718b4e816f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2837
alt-svc: h3=":443"; ma=86400
content-length: 424822
x-xss-protection: 1; mode=block
last-modified: Sun, 11 Feb 2024 01:01:55 GMT
server: cloudflare
etag: "65c81c83-67b76"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ozun5gXR%2FH8mQEqQhDSciWxPYbpVT%2F%2Bni4UpE9j7nMmMR2C%2FjPpgSIZtp6TvWfc9XmRwU5duEu7zclzV0iqGUDPKNNwH%2Fn6r5TnIIXu1MsO5y%2FIxBbLY8xQsQ7%2FQnxaYazbgB4IaI7OkHPUddJjwOLqGQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff08dfca74bbd-BUF
expires: Mon, 10 Feb 2025 01:03:11 GMT

GET
H3 200 Screenshot-181-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 145 KB
146 KB 38ms
37ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-181-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c925ec1476277c191bdcad290ba04f1ea9121ab6cc7f2ee96d3f50a4046e154e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2837
alt-svc: h3=":443"; ma=86400
content-length: 148829
x-xss-protection: 1; mode=block
last-modified: Sun, 11 Feb 2024 00:40:49 GMT
server: cloudflare
etag: "65c81791-2455d"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ju3%2F7wkjapSKCGfI%2Fp8AuJKOlrlmWdAh%2BXqMI6cc1%2BA2ifybFkcacieZfCJEYdkxp46qgHcRSD7GhFpXX6rjtBDPBE3BZ7BkvIAgYSFBJrETw8xvpo0jTtUyEdQOblqjETLojgpvPUgn0idFQGWkyryUFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff08e58834bd2-BUF
expires: Mon, 10 Feb 2025 00:41:21 GMT

GET
H3 200 Screenshot-179-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 142 KB
143 KB 285ms
284ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-179-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36d7ca0b9d64011d1d986ec276bc2240a54199f883c0b718471b7d5e0b208228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2837
alt-svc: h3=":443"; ma=86400
content-length: 145523
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Feb 2024 19:43:44 GMT
server: cloudflare
etag: "65c68070-23873"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KJPO2w%2FwW3eKKz3kWCI4YqjKpkI5gdZR0zgPnFbWbyIp5BNh10kGjnJLbcACdtYJgFH%2BWK%2Bhmze5Qv1%2FW%2BOBuI0unCq0YzWM5ZIulV3rCD4grxusulFnjJpYDqrJcKSIPz%2BBrVW4o1SSpo%2Bgg9bdY%2FovA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff08e989f4bd2-BUF
expires: Sat, 08 Feb 2025 19:44:07 GMT

GET
H3 200 Screenshot-177-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 184 KB
185 KB 161ms
155ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-177-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b6a70e6e0bcad7e4594eda95e649104dbb17cd3bd3f5b87aa07784814073ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2837
alt-svc: h3=":443"; ma=86400
content-length: 188812
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Feb 2024 19:26:21 GMT
server: cloudflare
etag: "65c67c5d-2e18c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnpxVdVTPvyCQ1wlMiAMwonUMZdOSGBsoziTcWE5mOg17Xp1lnCgxDTZvH%2B7cXVsEIBDbFio1w4YCzYk7EUV4rhalcFOk3ST8RJhiYb7moTFYCPTWzu5tB%2F4yOzyiAV0zj4X47xu4bwTivCR58ydN01MSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090694a4bd2-BUF
expires: Sat, 08 Feb 2025 19:26:55 GMT

GET
H3 200 Screenshot-175-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 172 KB
173 KB 501ms
486ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-175-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e11c07af27692f028fd0b99be86ab8bbf352f0719c004a50fc515be69eeadf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2837
alt-svc: h3=":443"; ma=86400
content-length: 176527
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Feb 2024 22:19:57 GMT
server: cloudflare
etag: "65c5538d-2b18f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8ATTfW2qus0VFei5mchXcisptHDYR4NGVbp3LNU5q9l2gRZnKRGI8L9J%2FmP3ZCAj%2FDYw04fj283TUEBkWgNYW%2B%2BnraxjZESs%2BJ5DlKSbDkiRfCOU7koklwg0vZeAAcmFe0KUVqSI6YuiEcM3fcsEgKLng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a9634bd2-BUF
expires: Sun, 09 Feb 2025 07:01:03 GMT

GET
H3 200 Untitled-design-12-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 125 KB
125 KB 637ms
622ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Untitled-design-12-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

187ac694e850167fdd2f736e8d18a46097412ee3ca36edc39a54924ce58a92d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169747
alt-svc: h3=":443"; ma=86400
content-length: 127500
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Feb 2024 22:53:37 GMT
server: cloudflare
etag: "65c55b71-1f20c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0PqgHmjulxcVoID8f0xKXV4btUlzRz8JbP8zVFMLB3fVud46nG2ARsV6Zl5zbBUk9L98FtiUy5d17lKXhJEj1J6P8U%2FbltzTAc0LHF98ypX7HmtjIiC4VhJJXNpjLTyp2ph2KVB8GoyfmX2Ncz8NBFyg5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a9644bd2-BUF
expires: Fri, 07 Feb 2025 22:54:00 GMT

GET
H3 200 Red-Abstract-Income-Money-YouTube-Thumbnail-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 145 KB
146 KB 723ms
709ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Red-Abstract-Income-Money-YouTube-Thumbnail-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548ac92055db7d54eee87e56dc70b947ca6bd5f4137b466aabb581111e447189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 148601
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Feb 2024 20:17:48 GMT
server: cloudflare
etag: "65c536ec-24479"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89bMe%2BLk5F%2BqcnJ8B9mFZz3Nu1N2sT9UvlNwiIgQ%2BK07QLYVnXMuGkf2Q2m7v0mnTqYTFhXK%2FmKMR9EcSO7Z7qr%2FDJIcmS8j38A8tWzkfD0XtRKxYvqW0cQ0jDxVrKJXla7qHGlvKN6AS3SBtywDHXOy9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a9654bd2-BUF
expires: Fri, 07 Feb 2025 20:18:06 GMT

GET
H3 200 Screenshot-174-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 206 KB
206 KB 834ms
819ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-174-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eea137e9308a920bc68c3f46f2568700a5b388af64b565d2b42b1183bd600dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 210680
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Feb 2024 21:41:31 GMT
server: cloudflare
etag: "65c54a8b-336f8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeA7EGOXBNtatLVLe6nWLHSfNY1KvPkY6ce0iaPwmmJ28fr661gIFE49lSrwazbg3IwbKzlKuSjVynxXt2hm2RAGXqpG%2B5iw4WUIDgYK%2Fr3ZtfNtz4hE%2Bu2Z3wWjJciGoMdj%2BFqsJFQ3Qq2ePH12C09q6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a9664bd2-BUF
expires: Fri, 07 Feb 2025 21:41:54 GMT

GET
H3 200 Screenshot-169-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 206 KB
207 KB 979ms
965ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-169-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df05212bb889615bd56fde21376ef68d499860205943aaac71fc45d2a207b8ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 211245
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Feb 2024 00:12:23 GMT
server: cloudflare
etag: "65c41c67-3392d"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNr5jUbWpFaiFbzKCaDe5NqwQxycH4dG%2F9xxxiDeP%2FSHYld8sQs6tA96kpOLS%2F3e1Y5SjWmMcbnCPI93j2x7ApIkZtrj2%2By2lWm2A6AR1eXvoSBRURBphCgATUBsbFodxcq1NPVSYKjDuMZTaS%2BvHtlV3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a9674bd2-BUF
expires: Fri, 07 Feb 2025 00:12:44 GMT

GET
H3 200 Screenshot-166-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 135 KB
136 KB 1103ms
1090ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-166-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9efd3741128651b2b5ad304c0c8c0a5341446918063f2f5f141a08779f05896

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 138614
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Feb 2024 23:16:36 GMT
server: cloudflare
etag: "65c40f54-21d76"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtWwfYuGEvzZ%2BH7F70R%2BnMmCxXbLR0zW4kup8jd1ml5KkWOsjbO1uR2AADHh4M%2BHE3%2BN44MEXcYqeOF%2F%2BGsHXchIKmZxYWgm6AOJbTvdlcrksWxi20XnldzwH%2FSytRuH9gK%2BoQ8c2DrDQlrA0vbyw8YlqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a9684bd2-BUF
expires: Thu, 06 Feb 2025 23:16:58 GMT

GET
H3 200 Screenshot-168-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 157 KB
158 KB 1178ms
1164ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-168-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27348c25398b02664f6e2b4bfeb1dc662d2144366783cf0c8c182b4c40c6feda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 160684
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Feb 2024 23:58:37 GMT
server: cloudflare
etag: "65c4192d-273ac"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axQaVzcVqM%2FKlXU%2BpuS2ZkhBSeioccxoW0ugL1FjRKe6YCrZhbdxoZTP5g99taR8xycXGz2ufdpdfNEG87ahNKDMJNulLu3ZDn6azvJgBg%2BEa0SuXTjACdewpMtckOhERicOSEUddPvkgAGHa42CWN%2F9qA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a9694bd2-BUF
expires: Thu, 06 Feb 2025 23:59:10 GMT

GET
H3 200 Screenshot-163-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 144 KB
144 KB 1273ms
1260ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-163-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3f3af7f51784ed4f949a73ea169afd133ee7c27525717273c89a57c7ea5017d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 147258
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Feb 2024 23:42:51 GMT
server: cloudflare
etag: "65c4157b-23f3a"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VP6xenormTvWBk0Oy7iN6bfBer%2FoiLFTqVqXwGCysdnfAHmvTfJJwMezVdUjHB%2B0%2F%2F%2BCtC0nCnMbT%2BG8%2F%2BsDdnn1Df%2BvyqN1wODJX0oGx27RV877XNhl7A5IhqkIeSQNxtfYa2krbczgC6uNdiU01Txb%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a96a4bd2-BUF
expires: Thu, 06 Feb 2025 23:43:17 GMT

GET
H3 200 Screenshot-152-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 142 KB
143 KB 1331ms
1317ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-152-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92c90ef09cf0dd580edfba04b4d7fa5f3230b0cf47771511f192e34039f60070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 145743
x-xss-protection: 1; mode=block
last-modified: Tue, 06 Feb 2024 16:54:39 GMT
server: cloudflare
etag: "65c2644f-2394f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2h7jjdnDdmTcKUSH6CTEeW1%2B1vyrCdXcrcf3qViaSxorb9SFuix%2BuaMj297sqUFoRp3RlZRYePFx6SrfxkrXFHNF0sX6O%2Fssn1snE%2Fx%2FwfHZJoZnmDGSAJQNuInhvv%2FffnONdxnQtQOqIyF%2FbddKuF4Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a96b4bd2-BUF
expires: Wed, 05 Feb 2025 16:55:03 GMT

GET
H3 200 Screenshot-165-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 177 KB
178 KB 1392ms
1378ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-165-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e3066e7ed6a0b5966c1a07d49fe12a5b8055410b672bae1bcfa988e1f6460a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 181689
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Feb 2024 05:07:24 GMT
server: cloudflare
etag: "65c3100c-2c5b9"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLuU8d8zh%2B%2BvURJ7Sf%2BPZ64VZ1iVWpt%2BhJ7olqtdkE5Y3Mfn6bbVGx5cDgLCuSbOGloppGTHe3lHYIP75qNF5uczLoiAgvceQ8d6nqw0hwF3zG1OBMc1Xf1Lz8t%2FyBAtzY0qoGQhE4jmH1EIx9BDMGw3og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a96c4bd2-BUF
expires: Thu, 06 Feb 2025 05:08:12 GMT

GET
H3 200 Screenshot-150-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 146 KB
147 KB 1468ms
1455ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-150-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b611b4d84df0cf7b36271516046e450429cfc5b82c03524fb8dca1b769488159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 149572
x-xss-protection: 1; mode=block
last-modified: Tue, 06 Feb 2024 16:12:58 GMT
server: cloudflare
etag: "65c25a8a-24844"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLa%2FZ%2FfKD9V2kfBZKQD88Ts0RrxTY%2FcpCbQOeHLjQQmTl26XlBX6jFmlyhs%2BpIq3kyAfIsIrfW8%2BivXRw%2FOqNki7xSkIdeW2r2tnZL98baxwY8OD3aCId4h81uxPYPRSmRECOyER%2BVHSh7ntoU0y%2BuE2fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a96d4bd2-BUF
expires: Wed, 05 Feb 2025 16:13:34 GMT

GET
H3 200 Screenshot-151-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 145 KB
145 KB 1534ms
1519ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-151-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e99595e3b264f17841eeacadf66d8518fb82c055ed8bc6fe13306d1fbbee9f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 148140
x-xss-protection: 1; mode=block
last-modified: Tue, 06 Feb 2024 16:30:50 GMT
server: cloudflare
etag: "65c25eba-242ac"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBmx61M9zzXxqjdHyMgPXhBlGzKr1XWfxjikB254%2FmKB8gO0%2BkTjKlwV1WRz9oPmTq1vwITKzvjii1jmihxW6rIZlApYjw%2FMqNALsPqu8z9yCsqCLu0WudCkcx8FVP3WLcaX2deke59ldXMPjANLl1Tjmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a96e4bd2-BUF
expires: Wed, 05 Feb 2025 16:31:04 GMT

GET
H3 200 Screenshot-140-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 201 KB
202 KB 1596ms
1581ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-140-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ac6e9505672e7219238eb414f437d26c9f9b7285f00c5dbd02e82ee3d8374be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 205908
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Feb 2024 16:42:19 GMT
server: cloudflare
etag: "65c10feb-32454"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCNRwLvl1nXZHV8RsCKXW%2BMiDn1EJ6gGzL6OueCnAyk2yx%2BbNAxDY7WB6ViIAnWq4qyCoTCqIPSAHwNjZ7uuyvR30AcCrW%2BUdYl4z%2FBiUJmwkunR07ODzbx4rM4MpClFCKR8xlOtRT4cbSJsd9zuwEU3fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a96f4bd2-BUF
expires: Tue, 04 Feb 2025 16:42:48 GMT

GET
H3 200 Screenshot-143-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 120 KB
120 KB 1690ms
1673ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-143-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92bf94837e363dc2a3b4c54b15d15b0a90536ad55db6c9191e25b867a33bb2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 122658
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Feb 2024 17:12:20 GMT
server: cloudflare
etag: "65c116f4-1df22"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tG14r5bKdK64jdfRkHqzp5dbblk%2B6pexjWoo4WbvD4PIn3VzOkhL%2BSnqNqfsEcNKmsP2qhh7nrn154uuKC3E%2Fj%2BfTKfRGtEkrQPQkswxWVhiwGO8bbEI3PaDelKh1ONW%2BKnTEhkg%2BUVatWvI4hXqQYaDnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a9704bd2-BUF
expires: Tue, 04 Feb 2025 17:12:43 GMT

GET
H3 200 Screenshot-69-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 170 KB
171 KB 1723ms
1706ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-69-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a81997224ea6b3cd7c4a3f5538be37b103ab12171b55c99ee7dfe25a46225903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 174514
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Feb 2024 16:58:07 GMT
server: cloudflare
etag: "65c1139f-2a9b2"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BB%2B4FRk%2Frijezbvxaaad5r%2BUMuDuVMXoBrdttEv1wdFSEqevjMRc2OFos5KStKN7tpgh0tIySix0jzZzaSnD%2BkABQp6GagxvAEUpsYvJcSVDYSPxVHtfq406Fb5SOJLYJDKg1jUVSk7EOrQmRVsiu1F6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a9714bd2-BUF
expires: Tue, 04 Feb 2025 16:58:33 GMT

GET
H3 200 Screenshot-144-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 175 KB
175 KB 1807ms
1790ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-144-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a958607d9e79a3d886868a88bdaca055bf913bfbe3cc8e8f12cf9333ed86a517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 178843
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Feb 2024 18:03:53 GMT
server: cloudflare
etag: "65c12309-2ba9b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcrr0ZoSRKDyLVsHmJLKSBVxThCHOHR5zfSQN6sai8nL4RGTUMi4xLQyrA8cMIXTceTGvOcEWLp6BBr97OoFuauVfWDd559PbBCaZ2Q38KPlMQ%2Br2HKgWntnncgUpZ55fZwXsNqPnAy7RBu4kjrjT6uCvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a9724bd2-BUF
expires: Tue, 04 Feb 2025 18:05:53 GMT

GET
H3 200 Screenshot-138_cleanup-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 146 KB
147 KB 1865ms
1848ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-138_cleanup-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d90635e9387d609021c98744f1c57f90fe34597a03506c9b3aa77419623255b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 149961
x-xss-protection: 1; mode=block
last-modified: Sun, 04 Feb 2024 18:50:31 GMT
server: cloudflare
etag: "65bfdc77-249c9"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nMxQGSHI4ir95u5eiwIA4A1YyGcaJ69BeV9A4bi7wtkLUB8OdGovvfOU%2B6LOVCSFkaZ1JAtHXfT0%2BY2l0bfn%2FPx6pmmF%2BRB9gggi7Nm104jkF0sLrJ1pSZPNKibQ7eegIRCriQXlRAajGpixGyQ%2FKTnWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a9744bd2-BUF
expires: Thu, 06 Feb 2025 10:35:55 GMT

GET
H3 200 Screenshot-135-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 238 KB
239 KB 1922ms
1905ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-135-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02dec2fffb65715a3fceb2ad95d50b8eb56f519e7a9a3718671d15d1527f48e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 243640
x-xss-protection: 1; mode=block
last-modified: Sun, 04 Feb 2024 17:34:10 GMT
server: cloudflare
etag: "65bfca92-3b7b8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zd7Suwu6UgtW9DzXGN6CQJBpUsvAolu%2Fjqi%2BZvh1riTjKTDmTMuuuq0nbXHwfOYBxGR5GYOijkT%2BFto6XamKKIOzDiD13a3wP5MQluV6gWmyL408mMgf75m3dpiG4f%2F3pbUKLvXplsK9ijyXAhtkexo9qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a9754bd2-BUF
expires: Fri, 07 Feb 2025 18:21:11 GMT

GET
H3 200 Screenshot-134-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 228 KB
228 KB 2003ms
1986ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-134-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2daccf20003ab05bb2398f30e0c6590bc0de12050130d0417f58604663118daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 233299
x-xss-protection: 1; mode=block
last-modified: Sun, 04 Feb 2024 17:17:09 GMT
server: cloudflare
etag: "65bfc695-38f53"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYhthtU2Kf%2FkWdKTUJpvW43I70gB5GS3ItQ39ojQtwAmvPwVwbGjGJRYEk0pfqFDgYkcs6eg5axIurxBrVNR9ZpbAVClebf9eJ9bDRq4Dqur1MSttBkpKfPbW6vA84DXmUGCiP%2BMj13MWsKiDUkCJMPu9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a9774bd2-BUF
expires: Mon, 03 Feb 2025 17:17:28 GMT

GET
H3 200 Screenshot-133-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 233 KB
234 KB 2092ms
2076ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-133-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7e14c54ef4766b96809b799ad013d3507921ac9f208ab6817e7fbe26b5b6a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 238586
x-xss-protection: 1; mode=block
last-modified: Sun, 04 Feb 2024 17:06:19 GMT
server: cloudflare
etag: "65bfc40b-3a3fa"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpEavZQe27pqaYFb3YtdG7Htytj1iKsA3Xvv2cspE1qbt5UBbXxOUyIw7AS2GONFCU80eRN6laHLQg6JpK4RppgIzgogZ2xZcGhyk2pFb1JMHXbxYTDu5lRx8rP%2BgrHOqyPA%2BphcHVqjfVoL6pXjB9LAZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a9784bd2-BUF
expires: Mon, 03 Feb 2025 17:06:43 GMT

GET
H3 200 Screenshot-129-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 159 KB
159 KB 2198ms
2181ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-129-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8934e50a379b952d7519a1508598f3289b07d54fe60db6e1293b1a95d857b9f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 162446
x-xss-protection: 1; mode=block
last-modified: Sat, 03 Feb 2024 15:23:51 GMT
server: cloudflare
etag: "65be5a87-27a8e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mujp5ne2eImSSn%2BV4x9NxEhhgGfr61Z4StKKOky6q3NqNy53KrUAGeM8Id8RLbScG%2BA9yGoH36HN62%2FP0qCNdtPoR4PDX%2BGC8qIk%2BPHsyOwnq6o%2FGMbgQGgIXX4A1r42GIV3GZtf7Kn%2B4Jd1fW12qQaQYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a9794bd2-BUF
expires: Sun, 02 Feb 2025 15:24:34 GMT

GET
H3 200 Screenshot-130-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 132 KB
132 KB 2236ms
2221ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-130-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92b19cf55c0e5b2dceebd85345b8a0899086f33716f987bfa10ca59b57c02fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 606647
alt-svc: h3=":443"; ma=86400
content-length: 134726
x-xss-protection: 1; mode=block
last-modified: Sat, 03 Feb 2024 15:33:36 GMT
server: cloudflare
etag: "65be5cd0-20e46"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqtEVTlkcBWSG8w3BQ7Fe98Li%2BfwrdOPZ%2BIZgGTvwt2BaGSDKjS5XAvdqUE1uV7cqOkZSr%2BzJ2yotvHFyhxGEp1iQVtwNKi00Gw6dsRjCz%2BYfqkGysdD%2BNXfglcxpKEPsAXtZUof0qrbnm9Y8i0DrQtZ5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a97b4bd2-BUF
expires: Sun, 02 Feb 2025 15:33:53 GMT

GET
H3 200 Untitled-design-9-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 174 KB
174 KB 2286ms
2270ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Untitled-design-9-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5fb01b44731d3b33d3a227b318e8be534cdd572945cae5789ae56f4d4ab7de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 606647
alt-svc: h3=":443"; ma=86400
content-length: 177672
x-xss-protection: 1; mode=block
last-modified: Sat, 03 Feb 2024 14:33:10 GMT
server: cloudflare
etag: "65be4ea6-2b608"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGvjb910MAibF6Xb0gwL75DneF%2BzitN99deU9r19A53oZjCqofUaYvGj1w0IrP74oF%2Fd%2Bk2d3iF%2BfR1ahLmqz2N%2FJLyiN00CoERVAlJtgJGkUBGb3%2By0MydijA7liwqMudKwRLrnCtykCrmpoFVvdxSg2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090a97c4bd2-BUF
expires: Sun, 02 Feb 2025 14:33:35 GMT

GET
H3 200 Screenshot-125-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 159 KB
160 KB 2346ms
2330ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-125-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b308b20085577b2b60aff955b22f267ece44b4e900e7a0b03db2af62374d7c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 606647
alt-svc: h3=":443"; ma=86400
content-length: 162861
x-xss-protection: 1; mode=block
last-modified: Sat, 03 Feb 2024 13:52:54 GMT
server: cloudflare
etag: "65be4536-27c2d"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FzV4oi9r5PFpQIdHZvzFIkYd23JogTMNQbLWsMbc5IycIFbZSQEqBv8ot%2FU3lTkeK08DF2O5WKBhpVeOK%2FRa9pA682xAqtqAUj8JP8wTjR7Jy7SYBqvbcD1rOqduNjDLC0BQMPj%2FDQL1wE5NgXpuIM1oRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090b97d4bd2-BUF
expires: Sun, 02 Feb 2025 13:53:32 GMT

GET
H3 200 Screenshot-118-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 159 KB
160 KB 2403ms
2387ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-118-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2218c4ae1e3a769ff3a5a35e8ab9f3eaf312256c7d66e8f78ed7c9d7bddbac66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 606647
alt-svc: h3=":443"; ma=86400
content-length: 163245
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Feb 2024 20:23:23 GMT
server: cloudflare
etag: "65bbfdbb-27dad"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urZkdZo%2BqtgUSWK%2BIrhJ3GWH%2F%2FAYEERZbNQWBBHSNulIPyUF%2FqwjF9bB1Ubg8Q3AORKi%2BBN7X5HzbXt1k34grDFrb%2F9NvnvSu2QTq%2FH%2FBpvosbxxeHqF3IXLWQ1yvjqkQMPjBzlczNk1FDv79lP%2BlzBxYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090b97e4bd2-BUF
expires: Sun, 02 Feb 2025 15:10:06 GMT

GET
H3 200 Screenshot-112-355x355.png
freedomheadlines.com/wp-content/uploads/2024/02/ 186 KB
187 KB 2453ms
2438ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-112-355x355.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e59fc50c6cfa0cd5b5ee0c82241b208740f002c3857496476fb155643f69563c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
alt-svc: h3=":443"; ma=86400
content-length: 190889
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Feb 2024 19:37:56 GMT
server: cloudflare
etag: "65bbf314-2e9a9"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYMbSRPpiCgpsC%2FsCdpE5lVe%2BHaQlUXYM%2B5ZlXmed%2Fm59rTdbAy0QpdDQN%2F%2Bsemt1NFUXbxStogAWg%2FfSl0s1lUEKzM%2BOMtvaAUtIWMQ78c7azmkXxZGvAM%2FP%2BkTnWegLgwchd4t0xAlUL9Eb%2FKvkuLQOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090b97f4bd2-BUF
expires: Fri, 31 Jan 2025 19:38:58 GMT

GET
H2 200 freedomheadlines_freedomheadlines_sticky.js Show response
cdn1.lockerdomecdn.com/embeds/ 1003 B
1 KB 185ms
36ms Script
application/javascript 2600:9000:21dd:5400:b:6268:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.lockerdomecdn.com/embeds/freedomheadlines_freedomheadlines_sticky.js
Requested by: Host: freedomheadlines.com
URL: https://freedomheadlines.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:5400:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bcf7c31dad5a7352c5b9750d4e991939473441aef5d9ea22c036a47df0e1dca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: 2FslkIyxepjVYcj6UqIyjxnPoJ3KBM3m
date: Sun, 11 Feb 2024 10:46:53 GMT
via: 1.1 17a3c2535aa705a7b5a80b78b876c79a.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 17:31:35 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 41201
x-amz-server-side-encryption: AES256
etag: "c33cc7321d972455c359a8bc75ba8455"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1003
x-amz-cf-id: hwyZUHAKYIrP7heoKfzjAIOdYyjZLxGRLgM_1OKIfMv0Y0uB246Q_w==

GET
H3 200 load-posts.js Show response
freedomheadlines.com/wp-content/themes/breena/inc/assets/js/ 15 KB
4 KB 390ms
372ms Script
application/javascript 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomheadlines.com/wp-content/themes/breena/inc/assets/js/load-posts.js

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a340489de79ad09261c049dfee5416a53ea3c0234cf341433f30dacd8648775f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169746
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 02:17:19 GMT
server: cloudflare
etag: W/"6352012f-3bfb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2F895TK0ectzGT0tmjLQ%2BNwe72NPPxwSAmLjfO%2B7%2BwfI%2FxxrD1Uw7R4OpOzn7njURfukL46oc9TFKdn9wjNtW1mrNZJvIpsUQiw0rEwnNIAGJhihlXLv%2FstvcYEUSPy%2F2Yzy9%2Ba7JJqSMbDM6Bb7lNK%2Btw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 853ff090995b4bd2-BUF
expires: Mon, 11 Nov 2024 12:40:46 GMT

GET
H3 200 components.js Show response
freedomheadlines.com/wp-content/themes/breena/inc/assets/js/ 241 KB
67 KB 401ms
383ms Script
application/javascript 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomheadlines.com/wp-content/themes/breena/inc/assets/js/components.js?ver=5.9.9

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1bcf2aae786aa72292ec28f330390b1e324f4c273f9ca993150b5163620d862

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 951189
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 02:17:20 GMT
server: cloudflare
etag: W/"63520130-3c5ec"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhOSJkbrTjNnSWkzrSYYcBXkENlxIlmZzlSSoVnEVFfgfaF%2Bxs7AXxTK7HGI6VVA3iSUg9e8ygh%2FT4OvTPmc65i1RJEIBwir9qvm5YGvxa%2BzXhXdYUn4cEoUY0uCVu6544gRrMvrsi5MLnwVY4itm7zzDA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 853ff090995d4bd2-BUF
expires: Thu, 30 Jan 2025 17:47:14 GMT

GET
H3 200 breena.js Show response
freedomheadlines.com/wp-content/themes/breena/inc/assets/js/ 13 KB
5 KB 460ms
443ms Script
application/javascript 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomheadlines.com/wp-content/themes/breena/inc/assets/js/breena.js?ver=5.9.9

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6f14681142e16db6027f013840dc46f68cce2f3c5ccf8814d2361d06b5127d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 951189
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 02:17:18 GMT
server: cloudflare
etag: W/"6352012e-356e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3sCRduFCRedljceXTM9KByEx9DoTXmZOjbyvWkVGEWLa3OjpbRlkg%2Fc5SKNygc94C4hCv5Oi37I8X40KenbMRfcPvPHEGmuQ6fcgWHTNzSAOq0r6IPS4BoBvLrpIXFH%2BTBtjop%2F5iX2DlsyqC3HuTu6ng%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 853ff090995e4bd2-BUF
expires: Thu, 30 Jan 2025 17:47:14 GMT

GET
H3 200 mediaelement-and-player.min.js Show response
freedomheadlines.com/wp-includes/js/mediaelement/ 154 KB
38 KB 462ms
444ms Script
application/javascript 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomheadlines.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 341440
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 02:17:04 GMT
server: cloudflare
etag: W/"63520120-267aa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppiMc89LSMcwOWN6qW4%2BF%2BffwLhaK5EUFObW3LoV9ZfECicx4txuDTqXYOSa%2BYqES3tW%2B8low0BZzYT1OYZtveBz7ughD6OaNLQPaDnvIJt9Roft%2Bb8d0WU3%2BYIhJNtEojrJxnIMyTFQxJcheQEXk10AuA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 853ff090a95f4bd2-BUF
expires: Wed, 27 Nov 2024 09:47:26 GMT

GET
H3 200 mediaelement-migrate.min.js Show response
freedomheadlines.com/wp-includes/js/mediaelement/ 1 KB
1 KB 501ms
484ms Script
application/javascript 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomheadlines.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.9.9

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 261156
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 02:17:04 GMT
server: cloudflare
etag: W/"63520120-4a9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEptGGP31rCLtOlTwj3DMW9vS5gmN4tSIhI74%2FUMcaks%2FC7Xr9Q5gacZNv0UFVUgomzoOrrrnBl4dcE8Zp8Y%2BCG3YaF7nQpdsi69Qp5dLiEoWWG9oUWulBJx%2BWx8hOPKHfHL2ZWfXzFdZBNTwj2vNgSXng%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 853ff090a9604bd2-BUF
expires: Thu, 30 Jan 2025 17:47:14 GMT

GET
H3 200 wp-mediaelement.min.js Show response
freedomheadlines.com/wp-includes/js/mediaelement/ 906 B
1001 B 502ms
485ms Script
application/javascript 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomheadlines.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.9.9

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 951189
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 02:17:04 GMT
server: cloudflare
etag: W/"63520120-38a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1%2BfM7%2BUuLVnpNYGe4X7GSkj%2BysyTOU4%2F%2FrI2h2XqDORRv7SkXaNQuK%2BN88iza7YMRr7jwpBgIR5eOjvsyYSsvF%2FXkkUfO7arjuqiYnSx%2FwLmt96jhuD%2BQoJdEEZSXy2zOnKlZFksu20CFGgQCXCXoL8Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 853ff090a9614bd2-BUF
expires: Thu, 30 Jan 2025 17:47:14 GMT

GET
H3 200 wp-emoji-release.min.js Show response
freedomheadlines.com/wp-includes/js/ 18 KB
5 KB 2497ms
2483ms Script
application/javascript 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomheadlines.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.9

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 951189
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 02:17:04 GMT
server: cloudflare
etag: W/"63520120-4705"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuhahCFhXkdGaAc2AE2FmzuqQGvY6Jc4yFJOouI0jhSWX003hBCIHg4qSdY9FP6R5mZplTNbYTXK9kmOMXjmePMHeve1BaaHwKc%2B3CKBXUv782rZisDGb6RdRG10v%2F2V0WT7cO1gTbAeGzCYZCeWYpMQTA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 853ff090b9814bd2-BUF
expires: Thu, 30 Jan 2025 17:47:14 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 245ms
112ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CLato%3A300%2C300i%2C400%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freedomheadlines.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:35:14 GMT
x-content-type-options: nosniff
age: 250699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 00:35:14 GMT

GET
H3 200 fontawesome-webfont.woff2
freedomheadlines.com/wp-content/themes/breena/inc/assets/css/font-awesome/fonts/ 75 KB
76 KB 2489ms
2483ms Font
font/woff2 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freedomheadlines.com/wp-content/themes/breena/inc/assets/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: freedomheadlines.com
URL: https://freedomheadlines.com/wp-content/themes/breena/inc/assets/css/font-awesome/css/font-awesome.min.css?ver=5.9.9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://freedomheadlines.com/wp-content/themes/breena/inc/assets/css/font-awesome/css/font-awesome.min.css?ver=5.9.9
Origin: https://freedomheadlines.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1991342
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Fri, 21 Oct 2022 02:17:20 GMT
server: cloudflare
etag: "63520130-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxpTzGrLKgLQw%2FksyY5cMg2n9U%2B1c2xvwKOAWzo4sY65mjcpVOmFgSc0YjfjPa7Dnwa8giht0%2B1XdV%2BRZXFJuY86k%2BFnj7TO5rnpCi5XER55se1OHZnd%2FGAIoV7EyRqh9mI%2BhneqjzMj7upWbSTgsGXc8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff090b9824bd2-BUF
expires: Sat, 04 Jan 2025 00:31:15 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 154ms
23ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freedomheadlines.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:21:07 GMT
x-content-type-options: nosniff
age: 251546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 00:21:07 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 49 KB
49 KB 209ms
78ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freedomheadlines.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 09:33:05 GMT
x-content-type-options: nosniff
age: 304828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50296
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 09:33:05 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 193ms
63ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freedomheadlines.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 09:15:09 GMT
x-content-type-options: nosniff
age: 305904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 09:15:09 GMT

GET
H2 200 S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 17 KB
17 KB 207ms
76ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI9w2_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freedomheadlines.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 09:30:23 GMT
x-content-type-options: nosniff
age: 304990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17728
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 09:30:23 GMT

GET
H3 200 Screenshot-182-375x249.png
freedomheadlines.com/wp-content/uploads/2024/02/ 126 KB
127 KB 2271ms
2258ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-182-375x249.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

990d433c0d4be6218e5e3c2a6d8d3f9463f7676be44504ba811695d074e878cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2838
alt-svc: h3=":443"; ma=86400
content-length: 129017
x-xss-protection: 1; mode=block
last-modified: Sun, 11 Feb 2024 01:01:58 GMT
server: cloudflare
etag: "65c81c86-1f7f9"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7wgbfLmyC6GxaQpUfnmlHb5exwGK2%2B2hx%2Bq0CJq6UWVIYJ8OGHKZQMyDz2m7dfeHjfSFUeFFqx%2FWOqPx0hF5omJb55asv592Pu12Xviv630cZX8XJRJVs3BM%2BmL8kALTFzQ9xiVdmt1QbGoTT9tDnR3fA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff09249f74bd2-BUF
expires: Mon, 10 Feb 2025 09:29:21 GMT

GET
H3 200 Screenshot-181-375x249.png
freedomheadlines.com/wp-content/uploads/2024/02/ 111 KB
111 KB 2301ms
2289ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-181-375x249.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94eed248eb26332006d142a318a7a7f4d36e7302893c3dd232fdcdd1c0fff21a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2838
alt-svc: h3=":443"; ma=86400
content-length: 113459
x-xss-protection: 1; mode=block
last-modified: Sun, 11 Feb 2024 00:40:52 GMT
server: cloudflare
etag: "65c81794-1bb33"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4YGQCS1U7eo8G5XsMzViL%2FtC3Xp3tSaKS%2BCJgD9MqyE824QDK3QB7M3%2FQKTYRfeOxq4qM83IJvyCs1XJzg2Ja8Nalf%2BqeimlNi%2F7eTdB9sA70jx%2FdA6VkNr8GRrrf%2BXgedh1U%2FdRzR1XGRsgnYFvmgI%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff09249f84bd2-BUF
expires: Mon, 10 Feb 2025 09:29:21 GMT

GET
H3 200 Screenshot-179-375x249.png
freedomheadlines.com/wp-content/uploads/2024/02/ 107 KB
108 KB 2331ms
2318ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/02/Screenshot-179-375x249.png

Requested by

Host: freedomheadlines.com
URL: https://freedomheadlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ff8bdf26d044a68712a1bfa9b28d2bf6e418e7717c3b75364f2f9ecc59bf6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2838
alt-svc: h3=":443"; ma=86400
content-length: 109597
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Feb 2024 19:43:45 GMT
server: cloudflare
etag: "65c68071-1ac1d"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaMSxjIKrC43PjWhF6uh7S316U1RpVadcl015XVsWUa7eLxZ2MyqxUrBRetPchVEOtNjnpFfSboVkFy2bJ7GAPbAQXYhMD9sEXKkBi4Ulks%2FRYrwLZ1rXLgy%2FnhUuS8Z%2FGQB84BR06BOfrgWdCnxex65xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853ff09249f94bd2-BUF
expires: Sun, 09 Feb 2025 06:29:16 GMT

GET
H2 200 ajs.js Show response
cdn2.decide.dev/_js/ 5 KB
3 KB 210ms
27ms Script
application/javascript 2600:9000:247b:c800:3:7df3:55c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.decide.dev/_js/ajs.js
Requested by: Host: cdn1.lockerdomecdn.com
URL: https://cdn1.lockerdomecdn.com/embeds/freedomheadlines_freedomheadlines_sticky.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:c800:3:7df3:55c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f9788ee2167c38d3fa9fff1de4e37889522368ea18c541d85e67f9ffeb5b4127

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 15:18:19 GMT
content-encoding: gzip
via: 1.1 google, 1.1 8af02ce0419e91e83834b7deea9dd962.cloudfront.net (CloudFront)
last-modified: Sat, 10 Feb 2024 20:40:35 GMT
x-amz-cf-pop: JFK52-P2
age: 24914
etag: W/"1363-18d94c01eca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: ymFU9pxy4cmnLAeFGdS4--36UNzI6ohHkMDYrs4CYiDZ-lS5GH5J0g==

GET
H2 200 sjs.js Show response
cdn2.decide.dev/_js/ 10 KB
2 KB 207ms
25ms Script
application/javascript 2600:9000:247b:c800:3:7df3:55c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.decide.dev/_js/sjs.js
Requested by: Host: cdn1.lockerdomecdn.com
URL: https://cdn1.lockerdomecdn.com/embeds/freedomheadlines_freedomheadlines_sticky.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:c800:3:7df3:55c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 61773d9a3aa1ba14b2f4ea9a8118c619c460c5acbc8770405530cc5ce31ed7e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 10:24:47 GMT
content-encoding: gzip
via: 1.1 google, 1.1 8af02ce0419e91e83834b7deea9dd962.cloudfront.net (CloudFront)
last-modified: Sat, 10 Feb 2024 20:40:31 GMT
x-amz-cf-pop: JFK52-P2
age: 42526
etag: W/"26be-18d94c00efd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: rpvKMtoTlCwqjyqbm3izjhRx7JWbUu9J56MXlRlhGvRt_OHuv7fPJQ==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/ 436 KB
137 KB 26ms
24ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js?cb=31081002

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd500c546202be15f4b0d9a10a2096a2dcffd0f195d953bbe931ff8e45ca234f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:39:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2063
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139610
x-xss-protection: 0
server: cafe
etag: 16226629560626727405
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 10 Feb 2025 21:39:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 56ms
47ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CP4TF595X7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32644619-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c101bd4f44d2093a3e9927bb6a6b6bddfeed686f55ac5214733bf953ec3fd3de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80951
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 11 Feb 2024 22:13:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 96ms
27ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32644619-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 11 Feb 2024 21:51:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1310
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 11 Feb 2024 23:51:43 GMT

GET
H2 200 14729220068684902 Show response
decide.dev/lad/ Frame F856 943 B
1 KB 170ms
84ms Document
text/html 34.149.139.129
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://decide.dev/lad/14729220068684902?pubid=ld-14729220068684902&pubo=https%3A%2F%2Ffreedomheadlines.com&rid=&width=1560&path=%2F&x=-100779&y=101199
Requested by: Host: cdn2.decide.dev
URL: https://cdn2.decide.dev/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.139.129 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 129.139.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 9fa96fcab2dcaa5ba3be1f07ccf8e8c920a24d10d0d2649dbc57bb2aeb0652a2

Request headers

Referer: https://freedomheadlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 943
content-type: text/html; charset=utf-8
date: Sun, 11 Feb 2024 22:13:33 GMT
via: 1.1 google

POST
H2 204 collect
www.google-analytics.com/g/ 0
174 B 40ms
38ms Ping
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-CP4TF595X7&gtm=45je4270v9116368575za200&_p=1707689612869&gcd=13l3l3l3l1&npa=0&dma=0&cid=2003759575.1707689614&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1707689613&sct=1&seg=0&dl=https%3A%2F%2Ffreedomheadlines.com%2F&dt=Freedom%20Headlines%20%7C%20Top%20Political%20News%20USA%20%7C%20USA%20Politics%20%E2%80%93%20Freedom%20headlines%20provide%20the%20latest%20political%20news%20in%20the%20USA.%20Read%20the%20trending%20today%20news%20headlines%20in%20usa%20and%20find%20the%20best%20news%20about%20the%20politics.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1840
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CP4TF595X7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 22:13:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freedomheadlines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 39ms
38ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=78040439&t=pageview&_s=1&dl=https%3A%2F%2Ffreedomheadlines.com%2F&ul=en-us&de=UTF-8&dt=Freedom%20Headlines%20%7C%20Top%20Political%20News%20USA%20%7C%20USA%20Politics%20%E2%80%93%20Freedom%20headlines%20provide%20the%20latest%20political%20news%20in%20the%20USA.%20Read%20the%20trending%20today%20news%20headlines%20in%20usa%20and%20find%20the%20best%20news%20about%20the%20politics.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1444507957&gjid=1555742747&cid=2003759575.1707689614&tid=UA-32644619-11&_gid=1244923625.1707689614&_r=1&gtm=457e4270za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=343287484

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomheadlines.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 22:13:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freedomheadlines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 213794966 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 369ms
77ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/213794966?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js?cb=31081002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61fda4114e814efbd487335e956dc9885aa28900f12fb50fd35adf033876cd96

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-tj7DE9qOGoHEBSoi1PHhIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-tj7DE9qOGoHEBSoi1PHhIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjWsKoxSXF4KQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6O3t6l69gEDszZf5wZACqtSgA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
349 B 318ms
39ms XHR
text/plain 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-32644619-11&cid=2003759575.1707689614&jid=1444507957&gjid=1555742747&_gid=1244923625.1707689614&_u=YADAAUAAAAAAACAAI~&z=1974930685

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomheadlines.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 11 Feb 2024 22:13:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freedomheadlines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVomq_oVuPYW73XM9EfMrTUfmhWRz5WC9oNBzCiCYDAioip97je0hA-84WzZUH4Y83c00A_Db71fEr2zVlnrV8nlB--jaLreeq9miSObHPT7XMWsNgYN1I-wQhYMHLr9OTV0CGZbw== Show response
fundingchoicesmessages.google.com/f/ 8 KB
3 KB 62ms
60ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVomq_oVuPYW73XM9EfMrTUfmhWRz5WC9oNBzCiCYDAioip97je0hA-84WzZUH4Y83c00A_Db71fEr2zVlnrV8nlB--jaLreeq9miSObHPT7XMWsNgYN1I-wQhYMHLr9OTV0CGZbw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3Njg5NjE0LDk3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2ZyZWVkb21oZWFkbGluZXMuY29tLyIsbnVsbCxbWzgsIk0wWmdkYW1PTk5zIl0sWzksImVuLVVTIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMxXelbhuuSGamfBQQn3Px5KWP-5Sw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44dd429d6f518c153ca25102bf826daae25a64a422351b043c5df24a23eceff1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yCAmWZ8sPjsXa91lLUU1lQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-yCAmWZ8sPjsXa91lLUU1lQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4K4hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIW6Ovt6l69gEHmx64AYA5IBJ2A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 89 KB
26 KB 141ms
40ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js?cb=31081002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1344f2cf7e2562ce1c954075dda071857f4ff0c6bb6d2022384883f24d3bd1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 09:41:43 GMT
server: cloudflare
x-amz-request-id: H26QE7CVA1YJ2D5D
age: 1614
etag: W/"294eab17112a5071cb7b92bc188fc8b9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 853ff0990eb94bc0-BUF
x-amz-id-2: 6M/MLQKMLerXFuhuclL6TIb6suZr1JUvvCyDKoBBidoF2unOXsF2MZBA1S/yfXzbnp9vyjRa6zc=

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 132ms
27ms Script
text/javascript 2600:9000:2511:ea00:a:e047:753:eb41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js?cb=31081002
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:ea00:a:e047:753:eb41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Sun, 11 Feb 2024 10:24:12 GMT
Via: 1.1 86a640712a72b4264f1681744fa48612.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 42563
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: -3PH8Jo5WD7IFgDu1lPZXzpYRSqDJo5QVI0OklyzU5ZUycrREn-cDw==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
901 B 113ms
31ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js?cb=31081002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 11 Feb 2024 22:13:34 GMT
x-content-type-options: nosniff
content-encoding: br
age: 9123
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-nyc-kteb1890055-NYC
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 110ms
27ms Script
text/javascript 108.138.128.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js?cb=31081002
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:30:07 GMT
content-encoding: gzip
via: 1.1 eabcac050cde7358c94fc7ecf124ea4a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 35008
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: BVxxy5RMjrlny80d4hVCghfXgx-YfhvC11vNIfexlr5fzgqdYzi0pw==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 199ms
116ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js?cb=31081002
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:34 GMT
via: 1.1 google, 1.1 google
last-modified: Mon, 05 Feb 2024 22:07:56 GMT
server: Google Frontend
etag: cd19e0900da0cdbc6697310fd9330fb6
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: ce139b897abff43d15bba6cb4a27bdcd
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1195

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 91ms
25ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js?cb=31081002
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 09:44:46 GMT
content-encoding: gzip
age: 1081728
x-guploader-uploadid: ABPtcPrC-6N0WNjzkM5qAh9JaWJNUVWmAuT0EUNe79SUUOq5-JbFZ2q1o6Moq1ulXJNw4mtxq8o8E0tUjSpY48-eCIAGww
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 29 Jan 2025 09:44:46 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
6 KB 95ms
28ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js?cb=31081002
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ad3f727ef5f17ff632a0cf27ad59f11458e1b4033322e5d2b4b2c3abe09ca5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 02 Feb 2024 21:17:15 GMT
server: cloudflare
age: 162957
etag: W/"65bd5bdb-42d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 853ff098cb1a39f7-YYZ
expires: Wed, 14 Feb 2024 22:13:34 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 118ms
55ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js?cb=31081002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

309c794d20c6824c9c401713bc7ba07938e85509e557ddbc944f6fa17e7b7469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 07 Feb 2024 07:37:39 GMT
server: nginx
etag: W/"65c33343-a585"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 12 Feb 2024 22:13:34 GMT

GET
H3 200 AGSKWxWODvYUypOf3MQ7HnwLEMrqQj83hKK7sHliexHL5d2Y4fB7Lkgqdn4HdjNL00IifCh0YHYSr3RelS3SbZgp5uTKv9H3EGEXN8ZcRwFp44Vjt9YHyqgZ1bFB7Qf4LtLzfirv_T7R9A== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 65ms
63ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWODvYUypOf3MQ7HnwLEMrqQj83hKK7sHliexHL5d2Y4fB7Lkgqdn4HdjNL00IifCh0YHYSr3RelS3SbZgp5uTKv9H3EGEXN8ZcRwFp44Vjt9YHyqgZ1bFB7Qf4LtLzfirv_T7R9A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3Njg5NjE0LDE3MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9mcmVlZG9taGVhZGxpbmVzLmNvbS8iLG51bGwsW1s4LCJNMFpnZGFtT05OcyJdLFs5LCJlbi1VUyJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7468c2b37835cda9fce0108927f2f8f265db0191f848331913e8bacddf1d64b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GwHutCj2qkTOp9tn27jpJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-GwHutCj2qkTOp9tn27jpJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4KkhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIW6Ovt6l69gEPjxqTwcA5hlJ4g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Ffreedomheadlines.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Ffreedomheadlines.com%2F&rid=esp&cc=1

85 B
194 B

57ms
56ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ffreedomheadlines.com%2F&rid=esp&cc=1
Requested by: Host: freedomheadlines.com
URL: https://freedomheadlines.com/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 370d5a237df169ffbd65d31d1a2114d596b9aefe7eccfaf03537bde443ee7dd9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:34 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-CnxMRDCuwGeg4BkSs3YxQLA2k/k"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://freedomheadlines.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sun, 11 Feb 2024 22:13:34 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://freedomheadlines.com
location: /esp?url=https%3A%2F%2Ffreedomheadlines.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
618 B 390ms
112ms XHR
application/json 54.85.196.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.196.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-196-253.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: d720bd2e8fa9d5fd816e93c9314e0d1865466576a27ba38bda1f67a2ac0c98a6

Request headers

Referer: https://freedomheadlines.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 22:13:34 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://freedomheadlines.com
cache-control: no-cache
x-server: 10.40.5.166
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
236 B 385ms
114ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://freedomheadlines.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://freedomheadlines.com
date: Sun, 11 Feb 2024 22:13:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame BBA9 725 B
870 B 120ms
36ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 72ff62298cb3f3a44ba552a12ad127a0d4d908d845304a40d641a43ea188828c

Request headers

Referer: https://freedomheadlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 452
content-type: text/html
date: Sun, 11 Feb 2024 22:13:34 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 980e20c9-3f2f-e2fe-e82a-334e10a8084b
pr-bh.ybp.yahoo.com/sync/openx/ Frame BBA9 43 B
604 B 172ms
55ms Image
image/gif 2600:1f18:4e9:5a05:c89c:b2af:dcc6:f0ac
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/980e20c9-3f2f-e2fe-e82a-334e10a8084b?gdpr=0

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a05:c89c:b2af:dcc6:f0ac Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame BBA9
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=541f3af0-b329-cb4d-19f3-a72c87cc0ee2
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=541f3af0-b329-cb4d-19f3-a72c87cc0ee2&dcc=t

43 B
855 B

57ms
54ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=541f3af0-b329-cb4d-19f3-a72c87cc0ee2&dcc=t

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Feb 2024 22:13:35 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JEEXY6QGFFDKFEG72RKT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 11 Feb 2024 22:13:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CTZFEDK4TZTFNY2N1M6K
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=541f3af0-b329-cb4d-19f3-a72c87cc0ee2&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame BBA9
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=0cc9468d-af83-70b7-d9fd-25bbefffc502&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=0cc9468d-af83-70b7-d9fd-25bbefffc502&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=c9892ea7-01ec-44d2-b080-b7652ec979b6&ttd_puid=0cc9468d-af83-70b7-d9fd-25bbefffc502&gdpr=0&gdpr_consent=

43 B
314 B

53ms
35ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=c9892ea7-01ec-44d2-b080-b7652ec979b6&ttd_puid=0cc9468d-af83-70b7-d9fd-25bbefffc502&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 22:13:35 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=c9892ea7-01ec-44d2-b080-b7652ec979b6&ttd_puid=0cc9468d-af83-70b7-d9fd-25bbefffc502&gdpr=0&gdpr_consent=
date: Sun, 11 Feb 2024 22:13:35 GMT
server: Kestrel
content-length: 335

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BBA9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjBhNjk1NDctNjZmNC0yZTEzLWNjMWQtN2YwMjI1MWQwYjYy
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjBhNjk1NDctNjZmNC0yZTEzLWNjMWQtN2YwMjI1MWQwYjYy&google_tc=

170 B
243 B

55ms
53ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjBhNjk1NDctNjZmNC0yZTEzLWNjMWQtN2YwMjI1MWQwYjYy&google_tc=

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 22:13:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 22:13:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjBhNjk1NDctNjZmNC0yZTEzLWNjMWQtN2YwMjI1MWQwYjYy&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame BBA9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENFDo0Wk_sHXISGbfkM16mw&google_cver=1

43 B
97 B

44ms
36ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENFDo0Wk_sHXISGbfkM16mw&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 22:13:35 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 22:13:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENFDo0Wk_sHXISGbfkM16mw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adblockpopup. Show response
fundingchoicesmessages.google.com/f/AGSKWxVVkA3EnVcmQ_Iqca7vvnMlt0KLrMaEusGuXwVYe96tmDm-3iiR4PhPUiZrD0kpGINd3zwJyMDXtJu0o2EYRQRGsvYdGJWW8IUglPe3rCfvgCJNBTh49AWXXWzm28qTlf9IaGC9RVudPpa7mGPVV-BKZhWzv... 54 B
110 B 66ms
62ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVVkA3EnVcmQ_Iqca7vvnMlt0KLrMaEusGuXwVYe96tmDm-3iiR4PhPUiZrD0kpGINd3zwJyMDXtJu0o2EYRQRGsvYdGJWW8IUglPe3rCfvgCJNBTh49AWXXWzm28qTlf9IaGC9RVudPpa7mGPVV-BKZhWzvv05mQatUO73N9WdqqB_XcaUN9y2xmDl/_/adblockpopup.?advertising=/ads/1./adpage./centerads.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.M0ZgdamONNs.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMzzD3gj5Xl_LdwGs7PHMTHg16ATNA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d54e97c21624bf7256d0fdf8b5e2fad32f1dae0c16a9f2c99e2d90975b458953

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GIxI2bJb6wXRup0GsZLTfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-GIxI2bJb6wXRup0GsZLTfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4KUhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6Ovt6l69gEOo6c280MAC_FSfw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 189ms
62ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a5bf9cc5dd3ef346e99bf040f333b5b52215246f5d69ab6d7b441bb6a48c9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51304
x-xss-protection: 0
server: cafe
etag: 10149972078533088082
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 11 Feb 2024 22:13:35 GMT

POST
H3 204 AGSKWxVUuxUwNn5_484D5Q3ToEBeiI7x-1Jk3SaJ7Ya51BP8tYbMj6c5i1S-BwDYQte22qQOH7aiZ3XNRZtc1B-qHqV2y5Blqg0OAEthp2qM0BhtFuO6xkvpHqBpohKqz6VglM9HCWAnHQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 134ms
62ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVUuxUwNn5_484D5Q3ToEBeiI7x-1Jk3SaJ7Ya51BP8tYbMj6c5i1S-BwDYQte22qQOH7aiZ3XNRZtc1B-qHqV2y5Blqg0OAEthp2qM0BhtFuO6xkvpHqBpohKqz6VglM9HCWAnHQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LkLAenbV4xfWFXXMd7dAxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freedomheadlines.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 11 Feb 2024 22:13:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LkLAenbV4xfWFXXMd7dAxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw05BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBALcXP09y5dxybQMHWLGADkxxc0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://freedomheadlines.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVUuxUwNn5_484D5Q3ToEBeiI7x-1Jk3SaJ7Ya51BP8tYbMj6c5i1S-BwDYQte22qQOH7aiZ3XNRZtc1B-qHqV2y5Blqg0OAEthp2qM0BhtFuO6xkvpHqBpohKqz6VglM9HCWAnHQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 99ms
59ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVUuxUwNn5_484D5Q3ToEBeiI7x-1Jk3SaJ7Ya51BP8tYbMj6c5i1S-BwDYQte22qQOH7aiZ3XNRZtc1B-qHqV2y5Blqg0OAEthp2qM0BhtFuO6xkvpHqBpohKqz6VglM9HCWAnHQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tX3ovWOLY9Fg90a-GO5xiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freedomheadlines.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 11 Feb 2024 22:13:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-tX3ovWOLY9Fg90a-GO5xiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBALcXP09y5dxyYwY0qHGADkFRcc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://freedomheadlines.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/ Frame F402 9 KB
5 KB 91ms
25ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freedomheadlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 7451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 20:09:24 GMT
etag: 3890843268177463596
expires: Sun, 25 Feb 2024 20:09:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxVUuxUwNn5_484D5Q3ToEBeiI7x-1Jk3SaJ7Ya51BP8tYbMj6c5i1S-BwDYQte22qQOH7aiZ3XNRZtc1B-qHqV2y5Blqg0OAEthp2qM0BhtFuO6xkvpHqBpohKqz6VglM9HCWAnHQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 48ms
48ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVUuxUwNn5_484D5Q3ToEBeiI7x-1Jk3SaJ7Ya51BP8tYbMj6c5i1S-BwDYQte22qQOH7aiZ3XNRZtc1B-qHqV2y5Blqg0OAEthp2qM0BhtFuO6xkvpHqBpohKqz6VglM9HCWAnHQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B_jheAIKf8HRyMliQJcolQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freedomheadlines.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 11 Feb 2024 22:13:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-B_jheAIKf8HRyMliQJcolQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw0ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBALcXP09y5dxybQ8f5LBQDmXRg2"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://freedomheadlines.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVUuxUwNn5_484D5Q3ToEBeiI7x-1Jk3SaJ7Ya51BP8tYbMj6c5i1S-BwDYQte22qQOH7aiZ3XNRZtc1B-qHqV2y5Blqg0OAEthp2qM0BhtFuO6xkvpHqBpohKqz6VglM9HCWAnHQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 48ms
46ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVUuxUwNn5_484D5Q3ToEBeiI7x-1Jk3SaJ7Ya51BP8tYbMj6c5i1S-BwDYQte22qQOH7aiZ3XNRZtc1B-qHqV2y5Blqg0OAEthp2qM0BhtFuO6xkvpHqBpohKqz6VglM9HCWAnHQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CGmEd7Sig0qczzW1CIhseg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freedomheadlines.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 11 Feb 2024 22:13:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-CGmEd7Sig0qczzW1CIhseg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw15BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBALcXP09y5dxyYw4_yzagDm2xge"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://freedomheadlines.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXKX_e_VMy34ltAq7RwN9sYtgOSBlNnRwQQghs4dStCPlcYtAPlOFT2sRfGgwTu7HFXb44fGvNYjtMxbfJ3l-fAXlh8oifyb4LjNXz4Tsy0GjkPPx4ZI0Noth9a4LX0JEyc9MojeQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 59ms
58ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXKX_e_VMy34ltAq7RwN9sYtgOSBlNnRwQQghs4dStCPlcYtAPlOFT2sRfGgwTu7HFXb44fGvNYjtMxbfJ3l-fAXlh8oifyb4LjNXz4Tsy0GjkPPx4ZI0Noth9a4LX0JEyc9MojeQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3Njg5NjE1LDIzNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZnJlZWRvbWhlYWRsaW5lcy5jb20vIixudWxsLFtbOCwiTTBaZ2RhbU9OTnMiXSxbOSwiZW4tVVMiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

34f050549c8d27fa1d85e8812f2c433d163b5097864f7cf109b3ac2e51c9702a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2qlja-kdiRW-8Pcm0h4x_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freedomheadlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:13:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2qlja-kdiRW-8Pcm0h4x_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXFEKwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48Hy5vw6ax8EdNZ4-qmsxYAMd-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6O_t6l69gEdjy61MwIADbwSh4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8F93 14 KB
6 KB 149ms
36ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=freedomheadlines.com&us_privacy=1---&gpp=&gpp_sid=-1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://freedomheadlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 22:13:35 GMT
server: Kestrel
server-processing-duration-in-ticks: 841570
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H3 204 AGSKWxUw1OAms-BB35qs0jJ6paBGUPS-oK0f94hi5ZkBYmW58_t10WeHlQ1yP3GQ3tU2FjppLynHpSRUoZW5E7JPIdlgRMrzqzbUuAKxwPCyY3MXdzoKMc-v--QAJfFY1TU7RQ8Ar48w-w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 70ms
59ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUw1OAms-BB35qs0jJ6paBGUPS-oK0f94hi5ZkBYmW58_t10WeHlQ1yP3GQ3tU2FjppLynHpSRUoZW5E7JPIdlgRMrzqzbUuAKxwPCyY3MXdzoKMc-v--QAJfFY1TU7RQ8Ar48w-w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bwc-e3e9f1fCMY8KOOu6GQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freedomheadlines.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 11 Feb 2024 22:13:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-bwc-e3e9f1fCMY8KOOu6GQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBAL8XD09y5dxyaw4tj5bYwA-8IYPA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://freedomheadlines.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8F93
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=freedomheadlines.com&sn=ChromeSyncframe&so=0&topUrl=freedomheadlines.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=_pdgYXxjNTJ5YXViWGJPdVd1bWdpcGg3a0sxaVFoTFBCTW5vWDNUOGtRcmdJTjROSG4xZzBlT0JVL0ZEWlBQUUJEVjg2cEFuTC9iQ09EMjk1ZVZOWExNWXVWRTh3M2VOUHFsSmRNTlJwVzVpd1BJaGI0bzNSMXZVVUM5L2...

457 B
1 KB

132ms
36ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_pdgYXxjNTJ5YXViWGJPdVd1bWdpcGg3a0sxaVFoTFBCTW5vWDNUOGtRcmdJTjROSG4xZzBlT0JVL0ZEWlBQUUJEVjg2cEFuTC9iQ09EMjk1ZVZOWExNWXVWRTh3M2VOUHFsSmRNTlJwVzVpd1BJaGI0bzNSMXZVVUM5L2hPa0N0azJSajZFSHhmZjNlL2hPWnBycXZjenNONXFZWjYzYkNTcGVQS3FZOGJIOEZUcjR4TEt3bk5VaVQyb3V3bDlSVDArU3h3b0FQdVRabmZQOURyUkVWWHA2ZEtSZjFDRmc0dDhoR29kVUJkV1R0ZnAyS21GS0lxWkJyN081YWVHZ3pLWEdzQVovdi9iVFFrejk3NncrZnhyZThITnh2WWZCSVB5bTc5TWc0Y0NqVkREUT18&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2d9d60a7e6f524e853c090b533fcb861fa89c2f60164bb875120b9b7b776d134

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 22:13:35 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3322338
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 22:13:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=_pdgYXxjNTJ5YXViWGJPdVd1bWdpcGg3a0sxaVFoTFBCTW5vWDNUOGtRcmdJTjROSG4xZzBlT0JVL0ZEWlBQUUJEVjg2cEFuTC9iQ09EMjk1ZVZOWExNWXVWRTh3M2VOUHFsSmRNTlJwVzVpd1BJaGI0bzNSMXZVVUM5L2hPa0N0azJSajZFSHhmZjNlL2hPWnBycXZjenNONXFZWjYzYkNTcGVQS3FZOGJIOEZUcjR4TEt3bk5VaVQyb3V3bDlSVDArU3h3b0FQdVRabmZQOURyUkVWWHA2ZEtSZjFDRmc0dDhoR29kVUJkV1R0ZnAyS21GS0lxWkJyN081YWVHZ3pLWEdzQVovdi9iVFFrejk3NncrZnhyZThITnh2WWZCSVB5bTc5TWc0Y0NqVkREUT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 631898
content-length: 0
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/mO6DXK83XA/sdk/

Verdicts & Comments Add Verdict or Comment

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.freedomheadlines.com/	1970-01-21 03:57:29	Name: _ga_CP4TF595X7 Value: GS1.1.1707689613.1.0.1707689613.0.0.0
.freedomheadlines.com/	1970-01-21 03:57:29	Name: _ga Value: GA1.2.2003759575.1707689614
.freedomheadlines.com/	1970-01-20 18:22:56	Name: _gid Value: GA1.2.1244923625.1707689614
.freedomheadlines.com/	1970-01-20 18:21:29	Name: _gat_gtag_UA_32644619_11 Value: 1
.openx.net/	1970-01-21 03:07:05	Name: i Value: df6579d4-0604-4f40-832b-ed538bd8f6ff\|1707689614
.crwdcntrl.net/	1970-01-21 00:50:17	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 00:50:17	Name: _cc_id Value: 54706fb849bc2bbb4821cff854c5b242
.freedomheadlines.com/	1970-01-21 00:50:17	Name: _cc_id Value: 54706fb849bc2bbb4821cff854c5b242
.freedomheadlines.com/	1970-01-20 18:22:56	Name: panoramaId_expiry Value: 1707776014625
.openx.net/	1970-01-20 18:43:05	Name: pd Value: v2\|1707689614\|vMgavPkWgy
.yahoo.com/	1970-01-21 03:07:27	Name: A3 Value: d=AQABBI5GyWUCECuocfswcqEtKVYXPGtNRLMFEgEBAQGYymXTZQAAAAAA_eMAAA&S=AQAAAmo4WZkbE1r7v35Jj9CNMOk
.adsrvr.org/	1970-01-21 03:08:32	Name: TDID Value: c9892ea7-01ec-44d2-b080-b7652ec979b6
.amazon-adsystem.com/	1970-01-20 23:57:00	Name: ad-id Value: A9LpNyrr4UgCnlbbKjTpC3E
.amazon-adsystem.com/	1970-01-21 03:57:29	Name: ad-privacy Value: 0
.adsrvr.org/	1970-01-21 03:08:32	Name: TDCPM Value: CAEYBSABKAIyCwjAnZe7rdbVPBAFOAE.
.doubleclick.net/	1970-01-21 03:57:29	Name: IDE Value: AHWqTUnKA4DRp_i_U9Fa7E8huFVfH1ffjkmjH3NDTxXXuJV7b8uqBE6COiAFMjNsBEk
.openx.net/	1970-01-20 18:43:05	Name: univ_id Value: 537072971\|c9892ea7-01ec-44d2-b080-b7652ec979b6\|1707689615114259
.freedomheadlines.com/	1970-01-21 03:07:05	Name: FCNEC Value: %5B%5B%22AKsRol-wtvfXq0TVDfWZT2f8n8fyIRdw7MWUKvl5B7Idt81n6ZJkHE695imqgaLRZs8qd82Ey8z2aavI36s1rwx6VM-AGwjz9CXdDS6D-N5C8cKnmQRY0e___wWNOzTK08_3WXI_lDz8lSTdgLLBLWg8ywA2-prWsw%3D%3D%22%5D%5D
.criteo.com/	1970-01-21 03:43:05	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 03:43:05	Name: uid Value: f9f6b2ee-0d67-47e4-a448-965096de9701
.criteo.com/	1970-01-21 03:43:05	Name: partitioned_bundle Value: RJ6yv19KJTJGRWFFSVl1ejZVdE5oMVYyb2lONFB4SmRqQ25Db29lQVo2cHljeUNBakliM0pzJTJCeGc2dW5vd1pYdXNWYkdiYXBycXFJN2VQOHlMbURadnNaJTJCRHZhZ2VMVmNCUEhndTNpQXVyeHRiSyUyRk5ta2l5dSUyRjNUbVJWMzByJTJGNUIyOTlkWGpOZVZtWm1ORDJsYjU1Sml6ZjQ0dG93dnNkdlo2dmJodmlMcFdwOW9qRjJaNGglMkY1V3JVMWx4MEl1VEhHVlhTaA
.freedomheadlines.com/	1970-01-21 03:43:05	Name: cto_bundle Value: 2AHaGl9KJTJGRWFFSVl1ejZVdE5oMVYyb2lONFB4SmRqQ25Db29lQVo2cHljeUNBakliM0pzJTJCeGc2dW5vd1pYdXNWYkdiYXBycXFJN2VQOHlMbURadnNaJTJCRHZhZ2VMVmNCUEhndTNpQXVyeHRiSyUyRk5ta2l5dSUyRjNUbVJWMzByJTJGNUIyOTlkWGpOZVZtWm1ORDJsYjU1Sml6ZjQ0dGtzUGVRTnA5S3UxVkJFRVg5YU9Za0klM0Q

35 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://users.api.jeeng.com/users/domains/mO6DXK83XA/sdk/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://freedomheadlines.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcp.crwdcntrl.net
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn1.lockerdomecdn.com
cdn2.decide.dev
cm.g.doubleclick.net
decide.dev
fonts.googleapis.com
fonts.gstatic.com
freedomheadlines.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
invstatic101.creativecdn.com
mailz.leafybranch.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
us-u.openx.net
users.api.jeeng.com
www.google-analytics.com
www.googletagmanager.com
users.api.jeeng.com
104.18.35.167
108.138.128.34
142.251.40.162
162.19.138.118
209.54.182.161
2600:1f18:4e9:5a05:c89c:b2af:dcc6:f0ac
2600:3c00::f03c:93ff:fe39:3408
2600:9000:21dd:5400:b:6268:b880:93a1
2600:9000:247b:c800:3:7df3:55c0:93a1
2600:9000:2511:ea00:a:e047:753:eb41
2606:4700:10::ac43:266a
2606:4700:3030::6815:2278
2607:f8b0:4004:c0b::9a
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::2003
2607:f8b0:4006:80f::200e
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:821::2008
2607:f8b0:4006:823::200e
2607:f8b0:4006:824::2002
2620:100:a001::4
2620:100:a001::c
2a04:4e42:200::485
3.33.220.150
34.102.146.192
34.120.107.143
34.149.139.129
34.96.70.87
35.244.159.8
54.85.196.253
74.119.119.139
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02dec2fffb65715a3fceb2ad95d50b8eb56f519e7a9a3718671d15d1527f48e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
1344f2cf7e2562ce1c954075dda071857f4ff0c6bb6d2022384883f24d3bd1e9
15fdd50a7fe7f3a79e1115d84e5e2109bd20575700f293449dc33e50b54b7278
187ac694e850167fdd2f736e8d18a46097412ee3ca36edc39a54924ce58a92d1
2218c4ae1e3a769ff3a5a35e8ab9f3eaf312256c7d66e8f78ed7c9d7bddbac66
27348c25398b02664f6e2b4bfeb1dc662d2144366783cf0c8c182b4c40c6feda
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bcf7c31dad5a7352c5b9750d4e991939473441aef5d9ea22c036a47df0e1dca
2d9d60a7e6f524e853c090b533fcb861fa89c2f60164bb875120b9b7b776d134
2daccf20003ab05bb2398f30e0c6590bc0de12050130d0417f58604663118daa
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e11c07af27692f028fd0b99be86ab8bbf352f0719c004a50fc515be69eeadf8
309c794d20c6824c9c401713bc7ba07938e85509e557ddbc944f6fa17e7b7469
3417f08a454ce5a2c9109fd0cb417546357afa78dd2571804c0fd718b4e816f4
34f050549c8d27fa1d85e8812f2c433d163b5097864f7cf109b3ac2e51c9702a
36d7ca0b9d64011d1d986ec276bc2240a54199f883c0b718471b7d5e0b208228
370d5a237df169ffbd65d31d1a2114d596b9aefe7eccfaf03537bde443ee7dd9
3a5bf9cc5dd3ef346e99bf040f333b5b52215246f5d69ab6d7b441bb6a48c9e0
3ac6e9505672e7219238eb414f437d26c9f9b7285f00c5dbd02e82ee3d8374be
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
44dd429d6f518c153ca25102bf826daae25a64a422351b043c5df24a23eceff1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a9c296e741efdd14a3b5bd5daa4c977038b45df0c810f1315e9ebe0bd428937
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53516be0a9c5da939f915dd0b838deb739eade601227bcbecbbcd30f3aa141d1
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548ac92055db7d54eee87e56dc70b947ca6bd5f4137b466aabb581111e447189
61773d9a3aa1ba14b2f4ea9a8118c619c460c5acbc8770405530cc5ce31ed7e4
61fda4114e814efbd487335e956dc9885aa28900f12fb50fd35adf033876cd96
68e31ce0af00a64739c011e443360551f543cd78c0f6d8fa74782af0ed468ca5
6b308b20085577b2b60aff955b22f267ece44b4e900e7a0b03db2af62374d7c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
72ff62298cb3f3a44ba552a12ad127a0d4d908d845304a40d641a43ea188828c
76bbe117102ce802cd20b57f9722133d7924bb3395bfe201f8f0b515a81c46dc
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b6a70e6e0bcad7e4594eda95e649104dbb17cd3bd3f5b87aa07784814073ec9
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
8934e50a379b952d7519a1508598f3289b07d54fe60db6e1293b1a95d857b9f4
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92b19cf55c0e5b2dceebd85345b8a0899086f33716f987bfa10ca59b57c02fa2
92bf94837e363dc2a3b4c54b15d15b0a90536ad55db6c9191e25b867a33bb2fc
92c90ef09cf0dd580edfba04b4d7fa5f3230b0cf47771511f192e34039f60070
93ff8bdf26d044a68712a1bfa9b28d2bf6e418e7717c3b75364f2f9ecc59bf6e
94eed248eb26332006d142a318a7a7f4d36e7302893c3dd232fdcdd1c0fff21a
990d433c0d4be6218e5e3c2a6d8d3f9463f7676be44504ba811695d074e878cc
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9fa96fcab2dcaa5ba3be1f07ccf8e8c920a24d10d0d2649dbc57bb2aeb0652a2
a2e99d9f642cf26e56bad3ff3705fd8ab8ea028ffa302405d1642bb7456d796a
a340489de79ad09261c049dfee5416a53ea3c0234cf341433f30dacd8648775f
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a81997224ea6b3cd7c4a3f5538be37b103ab12171b55c99ee7dfe25a46225903
a958607d9e79a3d886868a88bdaca055bf913bfbe3cc8e8f12cf9333ed86a517
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
b611b4d84df0cf7b36271516046e450429cfc5b82c03524fb8dca1b769488159
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c101bd4f44d2093a3e9927bb6a6b6bddfeed686f55ac5214733bf953ec3fd3de
c1e3066e7ed6a0b5966c1a07d49fe12a5b8055410b672bae1bcfa988e1f6460a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5ad3f727ef5f17ff632a0cf27ad59f11458e1b4033322e5d2b4b2c3abe09ca5
c925ec1476277c191bdcad290ba04f1ea9121ab6cc7f2ee96d3f50a4046e154e
cd500c546202be15f4b0d9a10a2096a2dcffd0f195d953bbe931ff8e45ca234f
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d54e97c21624bf7256d0fdf8b5e2fad32f1dae0c16a9f2c99e2d90975b458953
d720bd2e8fa9d5fd816e93c9314e0d1865466576a27ba38bda1f67a2ac0c98a6
d7468c2b37835cda9fce0108927f2f8f265db0191f848331913e8bacddf1d64b
d7e14c54ef4766b96809b799ad013d3507921ac9f208ab6817e7fbe26b5b6a37
d90635e9387d609021c98744f1c57f90fe34597a03506c9b3aa77419623255b8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df05212bb889615bd56fde21376ef68d499860205943aaac71fc45d2a207b8ae
e1bcf2aae786aa72292ec28f330390b1e324f4c273f9ca993150b5163620d862
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f3af7f51784ed4f949a73ea169afd133ee7c27525717273c89a57c7ea5017d
e59fc50c6cfa0cd5b5ee0c82241b208740f002c3857496476fb155643f69563c
e5f4f96e32a749a3c07b566aceb9b84a8445c71ca9713a4bfce9b7d28731fc33
e5fb01b44731d3b33d3a227b318e8be534cdd572945cae5789ae56f4d4ab7de7
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e99595e3b264f17841eeacadf66d8518fb82c055ed8bc6fe13306d1fbbee9f78
e9efd3741128651b2b5ad304c0c8c0a5341446918063f2f5f141a08779f05896
eea137e9308a920bc68c3f46f2568700a5b388af64b565d2b42b1183bd600dbc
f673a8adc98789a6eca1dd65c67fb782787f2571ba2730bb8c5f69bea7b5bc0f
f6f14681142e16db6027f013840dc46f68cce2f3c5ccf8814d2361d06b5127d8
f9788ee2167c38d3fa9fff1de4e37889522368ea18c541d85e67f9ffeb5b4127

freedomheadlines.com Open in urlscan Pro 2606:4700:3030::6815:2278 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

93 %HTTPS

59 %IPv6

25 Domains

34 Subdomains

31 IPs

3 Countries

6679 kBTransfer

8491 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

freedomheadlines.com Open in urlscan Pro
2606:4700:3030::6815:2278 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

93 %
HTTPS

59 %
IPv6

25
Domains

34
Subdomains

31
IPs

3
Countries

6679 kB
Transfer

8491 kB
Size

22
Cookies

102 HTTP transactions
0 data transactions