citizendailypost.com Open in urlscan Pro
104.21.81.215 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://citizendailypost.com/
Submission: On November 16 via automatic, source certstream-suspicious (November 16th 2023, 5:47:26 pm UTC) — Scanned from DE

Summary HTTP 89 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 33 IPs in 8 countries across 34 domains to perform 89 HTTP transactions. The main IP is 104.21.81.215, located in and belongs to CLOUDFLARENET, US. The main domain is citizendailypost.com.
TLS certificate: Issued by GTS CA 1P5 on November 16th 2023. Valid for: 3 months.

This is the only time citizendailypost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	104.21.81.215 104.21.81.215	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	18.239.18.36 18.239.18.36	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:440... 2606:4700:4400::6812:2860	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.90.74.72 54.90.74.72	14618 (AMAZON-AES) (AMAZON-AES)
1	2.19.226.49 2.19.226.49	16625 (AKAMAI-AS) (AKAMAI-AS)
1	192.0.66.16 192.0.66.16	2635 (AUTOMATTIC) (AUTOMATTIC)
2	185.15.59.240 185.15.59.240	14907 (WIKIMEDIA) (WIKIMEDIA)
1	34.160.17.71 34.160.17.71	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.159.153.4 162.159.153.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.38.98.17 23.38.98.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.2.98 151.101.2.98	54113 (FASTLY) (FASTLY)
1	199.232.196.124 199.232.196.124	54113 (FASTLY) (FASTLY)
1	23.185.0.4 23.185.0.4	54113 (FASTLY) (FASTLY)
1	108.156.39.13 108.156.39.13	16509 (AMAZON-02) (AMAZON-02)
1	18.239.102.66 18.239.102.66	16509 (AMAZON-02) (AMAZON-02)
1	23.185.0.1 23.185.0.1	54113 (FASTLY) (FASTLY)
1	23.36.163.228 23.36.163.228	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	69.174.52.39 69.174.52.39	54641 (IMH-IAD) (IMH-IAD)
1	109.228.36.162 109.228.36.162	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	23.73.140.140 23.73.140.140	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.112.90 18.66.112.90	16509 (AMAZON-02) (AMAZON-02)
16	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	13.107.213.60 13.107.213.60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
4	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 6	92.123.104.53 92.123.104.53	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.197.187.29 18.197.187.29	16509 (AMAZON-02) (AMAZON-02)
1 1	52.17.168.131 52.17.168.131	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1 1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
89	33

18 104.21.81.215 (None, )

ASN13335 (CLOUDFLARENET, US)

citizendailypost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.18.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-36.ams58.r.cloudfront.net

s.abcnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::6812:2860 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pixabay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.90.74.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-74-72.compute-1.amazonaws.com

lajolla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.226.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-226-49.deploy.static.akamaitechnologies.com

www.livemint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.66.16 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

www.digitaltrends.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.59.240 (United States)

ASN14907 (WIKIMEDIA, US)
PTR: upload-lb.esams.wikimedia.org

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.17.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.17.160.34.bc.googleusercontent.com

www.highonfilms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.153.4 (None, )

ASN13335 (CLOUDFLARENET, US)

miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.38.98.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-17.deploy.static.akamaitechnologies.com

gray-wymt-prod.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.98 (United States)

ASN54113 (FASTLY, US)

www.si.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.196.124 (United States)

ASN54113 (FASTLY, US)

cdn.vox-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.185.0.4 (United States)

ASN54113 (FASTLY, US)

www.medicaldevice-network.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.39.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-39-13.lhr50.r.cloudfront.net

staticg.sportskeeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.102.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-102-66.ams1.r.cloudfront.net

d3ezn0y6hdgq62.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.185.0.1 (United States)

ASN54113 (FASTLY, US)

www.paho.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.163.228 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-228.deploy.static.akamaitechnologies.com

media.tegna-media.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.174.52.39 (United States)

ASN54641 (IMH-IAD, US)

archive.themedium.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.228.36.162 (Alton, United Kingdom)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: itpz.com

www.thebeachguide.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.73.140.140 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-140-140.deploy.static.akamaitechnologies.com

ichef.bbci.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-90.fra56.r.cloudfront.net

i2-prod.bristolpost.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.213.60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 92.123.104.53 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-104-53.deploy.static.akamaitechnologies.com

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.187.29 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-187-29.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.168.131 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-168-131.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	citizendailypost.com citizendailypost.com	213 KB
16	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	53 KB
8	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 1682 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6903	58 KB
7	pixabay.com cdn.pixabay.com — Cisco Umbrella Rank: 33877	2 MB
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	207 KB
6	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 66	45 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4905	653 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	128 KB
2	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4948	73 KB
2	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 2859	4 MB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 746	387 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	717 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	147 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1824	174 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	150 B
1	bristolpost.co.uk i2-prod.bristolpost.co.uk — Cisco Umbrella Rank: 138014	83 KB
1	bbci.co.uk ichef.bbci.co.uk — Cisco Umbrella Rank: 8761	103 KB
1	thebeachguide.co.uk www.thebeachguide.co.uk	76 KB
1	themedium.ca archive.themedium.ca	143 KB
1	tegna-media.com media.tegna-media.com — Cisco Umbrella Rank: 27092	76 KB
1	paho.org www.paho.org — Cisco Umbrella Rank: 290231	169 KB
1	cloudfront.net d3ezn0y6hdgq62.cloudfront.net	783 KB
1	sportskeeda.com staticg.sportskeeda.com — Cisco Umbrella Rank: 36178	106 KB
1	medicaldevice-network.com www.medicaldevice-network.com — Cisco Umbrella Rank: 615897	36 KB
1	vox-cdn.com cdn.vox-cdn.com — Cisco Umbrella Rank: 14424	144 KB
1	si.com www.si.com — Cisco Umbrella Rank: 21111	234 KB
1	arcpublishing.com gray-wymt-prod.cdn.arcpublishing.com — Cisco Umbrella Rank: 591381	35 KB
1	medium.com miro.medium.com — Cisco Umbrella Rank: 14368	61 KB
1	highonfilms.com www.highonfilms.com	159 KB
1	digitaltrends.com www.digitaltrends.com — Cisco Umbrella Rank: 70992	290 KB
1	livemint.com www.livemint.com — Cisco Umbrella Rank: 122530	41 KB
1	lajolla.com lajolla.com	67 KB
1	abcnews.com s.abcnews.com — Cisco Umbrella Rank: 23016	133 KB
89	34

	Domain	Requested by
18	citizendailypost.com	citizendailypost.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	cdn.pixabay.com	citizendailypost.com
6	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
6	www.bing.com	2 redirects googleads.g.doubleclick.net
5	cm.g.doubleclick.net	citizendailypost.com googleads.g.doubleclick.net
4	tpc.googlesyndication.com	googleads.g.doubleclick.net
3	pagead2.googlesyndication.com	citizendailypost.com pagead2.googlesyndication.com googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	cdn.adnxs.com	googleads.g.doubleclick.net
2	adsdk.microsoft.com	googleads.g.doubleclick.net
2	upload.wikimedia.org	citizendailypost.com
1	onetag-sys.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	i2-prod.bristolpost.co.uk	citizendailypost.com
1	ichef.bbci.co.uk	citizendailypost.com
1	www.thebeachguide.co.uk	citizendailypost.com
1	archive.themedium.ca	citizendailypost.com
1	media.tegna-media.com	citizendailypost.com
1	www.paho.org	citizendailypost.com
1	d3ezn0y6hdgq62.cloudfront.net	citizendailypost.com
1	staticg.sportskeeda.com	citizendailypost.com
1	www.medicaldevice-network.com	citizendailypost.com
1	cdn.vox-cdn.com	citizendailypost.com
1	www.si.com	citizendailypost.com
1	gray-wymt-prod.cdn.arcpublishing.com	citizendailypost.com
1	miro.medium.com	citizendailypost.com
1	www.highonfilms.com	citizendailypost.com
1	www.digitaltrends.com	citizendailypost.com
1	www.livemint.com	citizendailypost.com
1	lajolla.com	citizendailypost.com
1	s.abcnews.com	citizendailypost.com
89	37

This site contains links to these domains. Also see Links.

Domain
www.citizendailypost.com
www.newyearevefireworks.com
www.metrodailyreporter.com
www.localobserverdaily.com
www.pinterest.com

Subject Issuer	Validity	Valid
citizendailypost.com GTS CA 1P5	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
s.abcnews.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
pixabay.com Cloudflare Inc ECC CA-3	`2023-03-12` - `2024-03-11`	a year	crt.sh
lajolla.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-24` - `2024-02-24`	a year	crt.sh
www.hindustantimes.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-20` - `2023-12-20`	a year	crt.sh
digitaltrends.com R3	`2023-09-20` - `2023-12-19`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-18` - `2024-10-16`	a year	crt.sh
*.highonfilms.com R3	`2023-11-15` - `2024-02-13`	3 months	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2023-10-19` - `2024-01-17`	3 months	crt.sh
*.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2022-12-12` - `2024-01-12`	a year	crt.sh
*.maven.io GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-10-11` - `2024-11-11`	a year	crt.sh
*.vox-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-10-19` - `2024-11-19`	a year	crt.sh
airforce-technology.com R3	`2023-09-28` - `2023-12-27`	3 months	crt.sh
*.sportskeeda.com Amazon ECDSA 256 M02	`2023-09-25` - `2024-10-23`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
paho.org GeoTrust TLS RSA CA G1	`2023-07-07` - `2024-08-06`	a year	crt.sh
www.tegna-media.com R3	`2023-09-20` - `2023-12-19`	3 months	crt.sh
archive.themedium.ca cPanel, Inc. Certification Authority	`2023-11-06` - `2024-02-04`	3 months	crt.sh
thebeachguide.co.uk R3	`2023-10-22` - `2024-01-20`	3 months	crt.sh
www.bbc.co.uk GlobalSign ECC OV SSL CA 2018	`2023-10-25` - `2024-11-25`	a year	crt.sh
mirror.co.uk Amazon RSA 2048 M01	`2023-09-17` - `2024-10-16`	a year	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://citizendailypost.com/
Frame ID: 9724D8A0FCA142B81044BCDC971CFB40
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 0662C6101EBB3B1FB1DBA7D791851EFB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&adk=1812271804&adf=3025194257&lmt=1700156817&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156816392&bpp=12&bdt=671&idt=917&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5592825283792&frm=20&pv=2&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=951
Frame ID: CD379C501404AE508EAB410BCCEA96DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=600&slotname=7369555951&adk=1018775299&adf=1624120734&pi=t.ma~as.7369555951&w=190&fwrn=4&fwrnh=100&lmt=1700156817&rafmt=1&format=190x600&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156816404&bpp=2&bdt=683&idt=944&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=810&ady=2182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=961
Frame ID: 0A48C24909237A8266CB5A6C5DB16A40
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=600&slotname=5181542163&adk=1444665505&adf=746076874&pi=t.ma~as.5181542163&w=250&fwrn=4&fwrnh=100&lmt=1700156817&rafmt=1&format=250x600&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156816406&bpp=1&bdt=685&idt=973&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C190x600&nras=1&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=977
Frame ID: 91228D1370E0F45CD69EB50B2D22D031
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=860&slotname=2712125646&adk=1354433015&adf=2339404175&pi=t.ma~as.2712125646&w=250&cr_col=1&cr_row=13&fwrn=2&lmt=1700156817&rafmt=9&format=250x860&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156816407&bpp=1&bdt=686&idt=980&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C190x600%2C250x600&nras=1&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=983
Frame ID: 5418FD9D40C798FF5B798F3B1BBCD7BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=280&slotname=9713165186&adk=2248590900&adf=3198278716&pi=t.ma~as.9713165186&w=730&fwrn=4&fwrnh=100&lmt=1700156817&rafmt=1&format=730x280&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156816408&bpp=1&bdt=687&idt=984&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C190x600%2C250x600%2C250x860&nras=1&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=435&ady=3850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=992
Frame ID: 2417169FAEFB06C7829C50B120893136
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: A97D696A0BB6C40FF3BF6AE132EBA18D
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=280&adk=3819879894&adf=3754241251&pi=t.aa~a.2007806693~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1700156818&rafmt=1&to=qs&pwprc=8545908949&format=450x280&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156818022&bpp=1&bdt=2301&idt=-M&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9829746cf0be07b%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_MYTr8cbsbh0gD9uv-QwkjEpQYTElw&gpic=UID%3D00000cdc1b62a66c%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_Mawy7cxMzSOA_KyxcxEAddPh6i2Zg&prev_fmts=0x0%2C190x600%2C250x600%2C250x860%2C730x280&nras=2&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Frame ID: 45D860918B017DFEFF06A06F5A519C55
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=240&adk=157853398&adf=798835492&pi=t.aa~a.4218541922~rp.4&w=190&fwrn=4&fwrnh=100&lmt=1700156818&rafmt=1&to=qs&pwprc=8545908949&format=190x240&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156818022&bpp=1&bdt=2301&idt=-M&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9829746cf0be07b%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_MYTr8cbsbh0gD9uv-QwkjEpQYTElw&gpic=UID%3D00000cdc1b62a66c%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_Mawy7cxMzSOA_KyxcxEAddPh6i2Zg&prev_fmts=0x0%2C190x600%2C250x600%2C250x860%2C730x280%2C450x280&nras=3&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=810&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=16
Frame ID: F19958DE2996B359DF011200EB612AF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=100&adk=2346013718&adf=261726550&pi=t.aa~a.2007809772~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1700156818&rafmt=1&to=qs&pwprc=8545908949&format=450x100&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156818022&bpp=1&bdt=2301&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9829746cf0be07b%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_MYTr8cbsbh0gD9uv-QwkjEpQYTElw&gpic=UID%3D00000cdc1b62a66c%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_Mawy7cxMzSOA_KyxcxEAddPh6i2Zg&prev_fmts=0x0%2C190x600%2C250x600%2C250x860%2C730x280%2C450x280%2C190x240&nras=4&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=21
Frame ID: BDB51A687B67E3D7C274A30FCBFB2631
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 3CA9C4F58559852B4AB848AF8FCDB603
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 128DE45078F0F09A3176B7BB0637332A
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Citizen Daily Post - Breaking News, News Headlines, Top News Today, US News, World News

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

89
Requests

91 %
HTTPS

3 %
IPv6

34
Domains

37
Subdomains

33
IPs

8
Countries

9837 kB
Transfer

11293 kB
Size

12
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.citizendailypost.com/

Search URL Search Domain Scan URL

URL: https://www.newyearevefireworks.com/
Title: NEW YEAR EVE

Search URL Search Domain Scan URL

URL: https://www.metrodailyreporter.com/
Title: METRO DAILY

Search URL Search Domain Scan URL

URL: https://www.localobserverdaily.com/
Title: LOCAL OBSERVER

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/countycitizen/pins/
Title: PINS

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=65945a5f-2b3b-46c2-9915-9c99b0938bf1&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=45a3d5ae-b850-4d20-a393-513f1bbf839f&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D4eb8f1a848a8472d9ecae7f4bc1ca5ed%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_pyvpxpbasvezngvba_ub&aid=8658808397227694085 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4eb8f1a848a8472d9ecae7f4bc1ca5ed&SNR=1&GV=2&med=10

Request Chain 70

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0164e3b7-8de6-4daf-aa83-5f8941ae2820&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=c8069bbc-5742-4f26-add0-795d36146b61&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D4da276d6b29b4e36882d5a01bba25965%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_vcqrivpr&aid=8721091224846855309 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4da276d6b29b4e36882d5a01bba25965&SNR=1&GV=2&med=10

Request Chain 85

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOK5-roDjJVQ65nY70szBrg&google_cver=1&google_push=AXcoOmQbNTrO9s0pdjVHUXc3maNupKQ2xhGeVUTsYpjOc53cg0Z-EnA0Z8-nZ20W2aEF9fN5kM-2quFXjxbdYO8EwUpfLa2_IR4jGdM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQbNTrO9s0pdjVHUXc3maNupKQ2xhGeVUTsYpjOc53cg0Z-EnA0Z8-nZ20W2aEF9fN5kM-2quFXjxbdYO8EwUpfLa2_IR4jGdM&google_hm=eS0wMWNPdVZGRTJwR2RyNDlnLk9lRWNBc0tuZVNuQnFkLn5B

Request Chain 86

https://d5p.de17a.com/cookies/google?google_gid=CAESEFZ3A7EUvnThmHv4OYo_Y_s&google_cver=1&google_push=AXcoOmTRys20tf8E12SgNh7CQtSemdZ5SHF_C7Sq8XZp39oNQv7SV5aPUN-NPVUzZQrXGJWL3rUglqY-M5KeLFgTLK5SJymCQ5Vpevs HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFZ3A7EUvnThmHv4OYo_Y_s&google_cver=1&google_push=AXcoOmTRys20tf8E12SgNh7CQtSemdZ5SHF_C7Sq8XZp39oNQv7SV5aPUN-NPVUzZQrXGJWL3rUglqY-M5KeLFgTLK5SJymCQ5Vpevs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTRys20tf8E12SgNh7CQtSemdZ5SHF_C7Sq8XZp39oNQv7SV5aPUN-NPVUzZQrXGJWL3rUglqY-M5KeLFgTLK5SJymCQ5Vpevs

Request Chain 87

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECSaBRAWwACrTEbXLzBsP3E&google_cver=1&google_push=AXcoOmTovMAzsCxAsSW--ZKJppnDpkoxObyWaUDJUGj_BEKaermi3E8rWugfACKcQLhIKKTvvDlOk1Z5r5rLqSgm3Co_VqETsr7iKQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECSaBRAWwACrTEbXLzBsP3E&google_cver=1&google_push=AXcoOmTovMAzsCxAsSW--ZKJppnDpkoxObyWaUDJUGj_BEKaermi3E8rWugfACKcQLhIKKTvvDlOk1Z5r5rLqSgm3Co_VqETsr7iKQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTMwNDUyNjYyMjU2NDY0Mjg1NQ&google_push=AXcoOmTovMAzsCxAsSW--ZKJppnDpkoxObyWaUDJUGj_BEKaermi3E8rWugfACKcQLhIKKTvvDlOk1Z5r5rLqSgm3Co_VqETsr7iKQ

Request Chain 88

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENqOPp0KduoIYBSdtknhFh8&google_cver=1&google_push=AXcoOmRLT_b2vbi1qC-Fw9GqI7E-CUsnAZ5Ky25nPllMv5dU8iFQfpFWNQmtXRRO1ESin8ThAg7IzyLl_81Ag7paaWuhNDyE7nioxg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRLT_b2vbi1qC-Fw9GqI7E-CUsnAZ5Ky25nPllMv5dU8iFQfpFWNQmtXRRO1ESin8ThAg7IzyLl_81Ag7paaWuhNDyE7nioxg

89 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
citizendailypost.com/ 38 KB
8 KB 8578ms
429ms Document
text/html 104.21.81.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70f15988d9f6c31ada332a2213be7932b3964ae3c0660bc2521899ec530e4506

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82718e5fc88bf0a7-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 17:46:55 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHVE4ydr6Qpovm2OW3u5dbM6XjzbUYgmNS%2Fxuovbpq%2FVllx65XfVZt4o1YMQH6w7BB9RdqECZCnOWdbhjjOugbksilVfdm9pezdvfdaC305T1kKhdMb0xR7gqkml45JxmXTe%2BwAGFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
52 KB 510ms
86ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6790618165462490

Requested by

Host: citizendailypost.com
URL: https://citizendailypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

412ab944f3eadd2a32c5b5e9c87814d6a4e99e6e50a14ea70eb6b1066923f8ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizendailypost.com/
Origin: https://citizendailypost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53017
x-xss-protection: 0
server: cafe
etag: 15478014821301673380
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 17:46:56 GMT

GET
H2 200 font-awesome.min.css
citizendailypost.com/assets/font/ 21 KB
5 KB 423ms
420ms Stylesheet
text/css 104.21.81.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://citizendailypost.com/assets/font/font-awesome.min.css
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e544fbba92b99ba55d370b4cd0e32d6330fa945a7e26ca880f43bc2c889a1dd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Jan 2015 04:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2OFaF1egVekEhHQcWxbXres%2B5ZFclhNouyvlEhB65wMbSaWjzpyGIw4O2AiJ5v2Pbe1TQa1VSoLB7E2%2FrN9103%2BWIrcCjqUgKtwFsCtF6rZuUBNn8eLu%2BoGuZCaCS6ngk0pbgRTxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82718e626d55f0a7-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 font.css
citizendailypost.com/assets/font/ 375 B
474 B 424ms
422ms Stylesheet
text/css 104.21.81.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://citizendailypost.com/assets/font/font.css
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebc01295afe9e9063b3870c6a03a2cc0547db2eda5d1a1e3238dd1f1aeeabe5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Jan 2015 05:05:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0u7dSVl3R1zQpVKdCblMcD8%2FzdcEJsxhUW7k1IU1JInxzjxkC8nZ3cPyhFJtv5xAGKpqevS3%2BObGeSJ8sT8hTarZM3E%2BQYStTjNrZJJQLMjwxsvddlN6Hvyl%2FYa4Gr%2FDSLChr3diw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82718e626d57f0a7-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.css
citizendailypost.com/assets/css/ 95 KB
17 KB 589ms
587ms Stylesheet
text/css 104.21.81.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://citizendailypost.com/assets/css/bootstrap.min.css
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a899db6e2ec14efc965767ed639734db81ce68fb7b54a152bc0efe998ed33c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 12:29:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMcw%2FdfWEBqOLiRqJ57u0vRKhTm%2F0mrCKzls2q4TI1TAhQZarRQUBd2yPZbxCWgnCG%2BTGMQl6HFfX08riu8vjrD2XtAbvcmqT773rxkJN7mB7VSDERHxWRBCWIvc3jT0fU96EdPplw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82718e626d59f0a7-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 responsive.css
citizendailypost.com/assets/css/ 3 KB
1 KB 402ms
400ms Stylesheet
text/css 104.21.81.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://citizendailypost.com/assets/css/responsive.css
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 613cf39b5684ef11f2c7dc10cded9d45cb905dd316198550b6c8f3eb5df9bc56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Jan 2015 05:19:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BMn5KWzulPnuur4Nn5Xif5R%2F0XbuLIzqSXcCeMZgswiU1SITl%2FGNbk3Qw903hV0Dg26ILzH%2BZGBwL2m6HiGU15GKLe%2F5Nd9zX23mtmMz0Vpt%2FR3MqR%2FB4Hrpgln6MauC5xmfuUy4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82718e626d5bf0a7-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.bxslider.css
citizendailypost.com/assets/css/ 3 KB
1 KB 435ms
433ms Stylesheet
text/css 104.21.81.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://citizendailypost.com/assets/css/jquery.bxslider.css
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a819723bc6e9a1f70b5d2277ca6520155623e3684d4cc3c2fb09de09b0dae34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Jan 2015 05:14:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsYBiHFXY7bjX2Nvlk7E%2Ff6UfXqe4F%2F8J1Yo6up2ymTP5Yet9TJ%2BmrNfEkxgnJZw5gttkUKdusAzGaqq1DKn4xJfAFLm%2FRy0CEXrW7v37SpqTi1lLRniNty96AUu%2FiC%2FS5wQQdGS8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82718e626d5df0a7-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
citizendailypost.com/assets/css/ 10 KB
3 KB 423ms
421ms Stylesheet
text/css 104.21.81.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://citizendailypost.com/assets/css/style.css
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9c13ff37f66efa77142e65ce38ed338bd3a6911fe671a576226807a657995e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 12:40:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vm1AhwSiDwtbFaQL1ynUEF17LnSLl0HlLj7zscpHAvsVDaCXxJMprw%2BsovRQpBul0frSESInNBDmJU0SrSKVsGqjg7xNh0mkn4EKyVAGfOP9ZIDVYkqmx90txiKPaAILMhMH51z%2BDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82718e626d5ff0a7-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.png
citizendailypost.com/images/ 4 KB
4 KB 435ms
434ms Image
image/png 104.21.81.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizendailypost.com/images/logo.png
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12abb33a21f4498ff7aaaefd4be6e4380f00b7ecdc1fe8ce5abbd0212e71a7a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
cf-cache-status: MISS
last-modified: Sun, 09 Jul 2023 06:30:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2j9GY545CN%2B9Kz1f%2FtquPRhrNzQGsjQIrqCrrztyYqiIIB%2F%2FlbkpyVGb9aQMIv9CpExLO2fNX4zU1jubYmGkAemK13u6vav6f%2FU6dVbcw7IhLFAhkTdvWhPn3p%2BWw7dc85%2FDTE%2ByKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82718e626d61f0a7-CDG
alt-svc: h3=":443"; ma=86400
content-length: 4256

GET
H2 200 GTY_sydney_fireworks_ml_141231_16x9_992.jpg
s.abcnews.com/images/International/ 132 KB
133 KB 206ms
57ms Image
image/jpeg 18.239.18.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.abcnews.com/images/International/GTY_sydney_fireworks_ml_141231_16x9_992.jpg
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-36.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a69013649f303155839b3e079af5c08aac27a5cf0b78933b3689e8a1d0f08195

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 16 Nov 2023 12:03:08 GMT
via: 1.1 be95b2ba3a5805485c26e84ad1dd7a2e.cloudfront.net (CloudFront)
last-modified: Fri, 28 Dec 2018 10:05:22 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P6
age: 20628
etag: "024d9d0647c608a2c52f5fd5cfbb1452"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 135293
x-amz-cf-id: YLas5Gp745qBiJkqiBEYjK9jX-9MnbI5gdcluMTcUYQ-1Mh0SNHPPw==
x-amz-meta-mtime: 1420039325.3958705

GET
H2 200 shopping-mall-1316787_1280.jpg
cdn.pixabay.com/photo/2016/04/08/18/46/ 319 KB
320 KB 226ms
110ms Image
binary/octet-stream 2606:4700:4400::6812:2860
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixabay.com/photo/2016/04/08/18/46/shopping-mall-1316787_1280.jpg
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f61e568567e44b82afeb297b2b25e37234eb3688f688225e28cda8134705a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:55 GMT
x-amz-version-id: UFBjnUs31WUIF9ItSaa_eA.vN6UDh_XM
cf-cache-status: HIT
age: 272227
x-amz-request-id: TWD91KMS4Y3DVQ27
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 326896
x-amz-id-2: 652O4EveujdqDpqJH2Ej9j/fKa4Ayy42rgMDvszvCPkR3U7qg0IX9nF6vHOJjJpR8zbqynjEmZ0=
last-modified: Tue, 11 Oct 2022 17:43:41 GMT
server: cloudflare
etag: "c1543b9c6f6865808c9977059b5280a5"
vary: Accept-Encoding
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 82718e6329cb71b5-FRA
expires: Fri, 15 Nov 2024 17:46:55 GMT

GET
H/1.1 200
OK Scarlett-Johansson-Bikini-IG-1024x576.jpg
lajolla.com/wp-content/uploads/2021/06/ 66 KB
67 KB 425ms
146ms Image
image/jpeg 54.90.74.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lajolla.com/wp-content/uploads/2021/06/Scarlett-Johansson-Bikini-IG-1024x576.jpg
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.90.74.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-90-74-72.compute-1.amazonaws.com
Software: Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.4.26 /
Resource Hash: fdc7a87ff15909ab70f238b888213a6860a9a3008c34e63d3510b5d3a5c3e9c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 17:46:56 GMT
Last-Modified: Thu, 11 May 2023 13:12:45 GMT
Server: Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.4.26
ETag: "1093f-5fb6abe8506b2"
Upgrade: h2,h2c
Content-Type: image/jpeg
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 67903

GET
H2 200 dorset-3909444_1280.jpg
cdn.pixabay.com/photo/2019/01/02/18/51/ 252 KB
0 477ms
363ms Image
binary/octet-stream 2606:4700:4400::6812:2860
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixabay.com/photo/2019/01/02/18/51/dorset-3909444_1280.jpg
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
x-amz-version-id: owTaafDHGKJ9mqe3zTWC0tzo3.j04Lfc
cf-cache-status: MISS
x-amz-request-id: M02CSG5XV80A0XKA
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 353049
x-amz-id-2: IrIita2Z1vCpzWsAuQ0VaMpn3Vpnkolmyrt/q2nOWYK0rNcqbSocY6UkBKW4xF+ChpaJgqV8Y6E=
last-modified: Wed, 12 Oct 2022 07:45:48 GMT
server: cloudflare
etag: "6c993d9a4034c9f0a6fd90bb72b65559"
vary: Accept-Encoding
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 82718e6329cc71b5-FRA
expires: Fri, 15 Nov 2024 17:46:56 GMT

GET
H2 200 Asia-Typhoon-21_1693530287417_1693530313564.jpg
www.livemint.com/lm-img/img/2023/09/01/600x338/ 40 KB
41 KB 1897ms
1425ms Image
image/avif 2.19.226.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livemint.com/lm-img/img/2023/09/01/600x338/Asia-Typhoon-21_1693530287417_1693530313564.jpg

Requested by

Host: citizendailypost.com
URL: https://citizendailypost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.226.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-226-49.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

fac367ada1217c85134edb2d1406f3baafd425448c92b39e488d4df6c0d65848

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:57 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
server: Akamai Image Manager
mpulse_cdn_cache: HIT
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: image/avif
cache-control: max-age=2592000, must-revalidate
mpulse_origin_time: 0
expires: Sat, 16 Dec 2023 17:46:57 GMT

GET
H2 200 pueblo-1680297_1280.jpg
cdn.pixabay.com/photo/2016/09/19/13/36/ 327 KB
328 KB 184ms
70ms Image
binary/octet-stream 2606:4700:4400::6812:2860
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixabay.com/photo/2016/09/19/13/36/pueblo-1680297_1280.jpg
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2ea0e28e3967009ff4760f5856d6bd4232752b1d6be3d2be96829466b2147f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:55 GMT
x-amz-version-id: sKDb7Q6n2EM7A9wNoiAVPbnYGz_7pPEv
cf-cache-status: HIT
age: 17735
x-amz-request-id: ZQS0SQY9HBGWQBWE
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 334861
x-amz-id-2: DBwp8VulPDv50osC8mWVSe9Vi+aNrIkIgNntJFSgcd8MAgVjAWM2ScaOZUyLoZM65WByteqOa30=
last-modified: Tue, 11 Oct 2022 19:55:50 GMT
server: cloudflare
etag: "0b95e5c7ada8d73d7ee1c454b91a46cf"
vary: Accept-Encoding
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 82718e6329d071b5-FRA
expires: Fri, 15 Nov 2024 17:46:55 GMT

GET
H2 200 milwaukee-1809577_1280.jpg
cdn.pixabay.com/photo/2016/11/08/22/33/ 314 KB
314 KB 401ms
286ms Image
binary/octet-stream 2606:4700:4400::6812:2860
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixabay.com/photo/2016/11/08/22/33/milwaukee-1809577_1280.jpg
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9c982e33325b737df9e01069f58775d9d827fabc6282d8a78902ff1e25b44af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
x-amz-version-id: zlrPScNSQohi9kCYzPR4OGI56EWNmlCr
cf-cache-status: MISS
x-amz-request-id: M0263S878P24K1K4
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 321042
x-amz-id-2: ZKgidP6XR4Uf1m6w9I7W7D+74aCHAZ0WPxzcNa5gVSnfKX69px/mnMnjkb5i42JTDfzKkFLKRWw=
last-modified: Tue, 11 Oct 2022 20:40:39 GMT
server: cloudflare
etag: "e1a5286f9ebabc82ca3dbd69941e6f8b"
vary: Accept-Encoding
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 82718e6329ce71b5-FRA
expires: Fri, 15 Nov 2024 17:46:56 GMT

GET
H2 200 arch-2396483_1280.jpg
cdn.pixabay.com/photo/2017/06/12/19/05/ 228 KB
228 KB 403ms
288ms Image
binary/octet-stream 2606:4700:4400::6812:2860
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixabay.com/photo/2017/06/12/19/05/arch-2396483_1280.jpg
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb42ce48558b19e316459205865779074d94ab84ffc81724dee572a70a289842

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
x-amz-version-id: f1EhZk64j.8V4kaML4.9iXNdTHUoenkw
cf-cache-status: MISS
x-amz-request-id: M020HD46H3DX1BVS
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 233074
x-amz-id-2: N6ZlW1fEsY0dc8vXb9kg0pE+DCWV4GKrF64dkdIjVDeoG27bprqrE5jeSmHtuZeBftZb9Qcocms=
last-modified: Tue, 11 Oct 2022 23:34:06 GMT
server: cloudflare
etag: "c4c5d5bb45c463c27aa68c8e68553452"
vary: Accept-Encoding
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 82718e6329cf71b5-FRA
expires: Fri, 15 Nov 2024 17:46:56 GMT

GET
H2 200 ohio-1936640_1280.jpg
cdn.pixabay.com/photo/2016/12/28/17/55/ 459 KB
460 KB 223ms
109ms Image
binary/octet-stream 2606:4700:4400::6812:2860
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixabay.com/photo/2016/12/28/17/55/ohio-1936640_1280.jpg
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ea5f0871d0757566081a5f65c02a350da119708d27d6479df54ceda155489e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:55 GMT
x-amz-version-id: t_APr3qkW1nEyrS6l03Wd1uOyAabv.H1
cf-cache-status: HIT
age: 27230
x-amz-request-id: Q09YRVVTJTDS4AYG
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 469880
x-amz-id-2: ql+AievurEtyJKCmvvkjNMN0Ww4OS8e5ITzVskBtdy/oHzcBLECgfn9HidHSRqsFbsyI1ly9E+D0To5wuj14E5+5iWd+jVXL
last-modified: Tue, 11 Oct 2022 21:20:13 GMT
server: cloudflare
etag: "fd74b7d1cad28498c6e7eb9afd2e37b8"
vary: Accept-Encoding
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 82718e6329d371b5-FRA
expires: Fri, 15 Nov 2024 17:46:55 GMT

GET barn-996345_1280.jpg
cdn.pixabay.com/photo/2015/10/19/17/07/ 0
0

GET
H2 200 red-dead-redemption-2-review-feature-header.jpg
www.digitaltrends.com/wp-content/uploads/2018/10/ 290 KB
290 KB 532ms
415ms Image
image/webp 192.0.66.16
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.digitaltrends.com/wp-content/uploads/2018/10/red-dead-redemption-2-review-feature-header.jpg

Requested by

Host: citizendailypost.com
URL: https://citizendailypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.16 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0fcccb336807a05fc9850a939516b5c6319ef310f66028c5a24a8ea920e8127c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
strict-transport-security: max-age=31536000
x-rq: hhn1 109 84 443
last-modified: Thu, 16 Nov 2023 17:46:56 GMT
server: nginx
etag: "3082df3605a764c3"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 296712

GET
H2 200 The_SpaceX_Factory.jpg
upload.wikimedia.org/wikipedia/commons/7/79/ 4 MB
4 MB 1033ms
566ms Image
image/jpeg 185.15.59.240
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/7/79/The_SpaceX_Factory.jpg

Requested by

Host: citizendailypost.com
URL: https://citizendailypost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.15.59.240 , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

upload-lb.esams.wikimedia.org

Software

ATS/9.1.4 /

Resource Hash

55f99faf3ee030e44d5f688d5d96ab2cadaf606dae6241483402e7276e5f1b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 10:22:16 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 26680
x-cache-status: hit-local
x-cache: cp3080 hit, cp3080 miss
server-timing: cache;desc="hit-local", host;desc="cp3080"
content-length: 4275404
x-client-ip: 37.58.58.244
x-object-meta-sha1base36: dylkxis2fzux22x6gf5jyr8olu1h9mz
last-modified: Sat, 13 Jun 2020 15:42:43 GMT
server: ATS/9.1.4
etag: 35987b96d1dcd1fb6144e84d535ea90e
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 media-998990_640.jpg
cdn.pixabay.com/photo/2015/10/21/08/22/ 67 KB
68 KB 71ms
70ms Image
binary/octet-stream 2606:4700:4400::6812:2860
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixabay.com/photo/2015/10/21/08/22/media-998990_640.jpg
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5c43253bf7af9eb763918d8a828a7adf0bab462abd5d925019859a142dbe1d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
x-amz-version-id: nFFvN9TaCmZjjMhb1ntOSFec4Ww.Bthc
cf-cache-status: HIT
age: 660511
x-amz-request-id: ASB3WBCQT47TXCZP
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 68977
x-amz-id-2: FWTnPIESxVpQQweoyA/jNFHqHOxEjujXkySNiFY7OZyU8RNhsmuB/1cyl8kMXqnffQGf+H9g5HA=
last-modified: Tue, 11 Oct 2022 15:45:27 GMT
server: cloudflare
etag: "57bcdf3a7266ef26a41a9a568931b76c"
vary: Accept-Encoding
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 82718e64bbca71b5-FRA
expires: Fri, 15 Nov 2024 17:46:56 GMT

GET
H2 200 fear-and-loathing-in-las-vegas.jpeg
www.highonfilms.com/wp-content/uploads/2022/02/ 158 KB
159 KB 787ms
619ms Image
image/webp 34.160.17.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.highonfilms.com/wp-content/uploads/2022/02/fear-and-loathing-in-las-vegas.jpeg
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.160.17.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.17.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ed5141d34d36d866bc5ed639de85f06e78d156dc34b88d928efa379d289fcb08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Thu, 16 Nov 2023 17:46:56 GMT
expires: Fri, 15 Nov 2024 17:46:56 GMT
last-modified: Sat, 03 Jun 2023 16:40:07 GMT
server: nginx
etag: "647b6ce7-27886"
x-proxy-cache-info: 0 NC:000000 UP:
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 161926
x-cdn-c: all
x-sg-cdn: 1

GET
H2 200 1*UdAuFGh5YZe0Dn_lh471UQ.jpeg
miro.medium.com/v2/resize:fit:1000/ 60 KB
61 KB 652ms
212ms Image
image/jpeg 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:1000/1*UdAuFGh5YZe0Dn_lh471UQ.jpeg

Requested by

Host: citizendailypost.com
URL: https://citizendailypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb264f26204859ff9c73e252465fc0649f2ea038070e31c90344e37863e07ae2

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'none'
cf-cache-status: HIT
x-envoy-upstream-service-time: 198
content-disposition: inline; filename="1*UdAuFGh5YZe0Dn_lh471UQ.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 61483
x-request-id: 15a35f32-e5ea-4768-af5b-4d4f8335d511
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "hlfIPUxoSL0RsahRXXbWt0H132QRLQ4MLCuz2JDzdnc/RIjUxZDAyZTE0Njg3OTYxOTdiNDBlN2ZlNTg3OGVmNTUxIg"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20231012-152649-b8092c91fb
accept-ranges: bytes
cf-ray: 82718e67ba462bb5-FRA
expires: Fri, 15 Nov 2024 17:46:56 GMT

GET
H2 200 OO2W3QRDQRKTXD6BXA7N6WWESI.jpg
gray-wymt-prod.cdn.arcpublishing.com/resizer/dVUJ4S9MTULs9RF-xIudOgjCyMY=/1200x675/smart/filters:quality(85)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 34 KB
35 KB 1897ms
1443ms Image
image/avif 23.38.98.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wymt-prod.cdn.arcpublishing.com/resizer/dVUJ4S9MTULs9RF-xIudOgjCyMY=/1200x675/smart/filters:quality(85)/cloudfront-us-east-1.images.arcpublishing.com/gray/OO2W3QRDQRKTXD6BXA7N6WWESI.jpg

Requested by

Host: citizendailypost.com
URL: https://citizendailypost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.38.98.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-38-98-17.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

f872d513a0ef369af808e359e304b568d37966ef0d32699e0c54f4ac2eb83eab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Thu, 16 Nov 2023 17:46:58 GMT
last-modified: Thu, 09 Nov 2023 04:18:16 GMT
server: Akamai Image Manager
etag: "d8d79616c4ed2df6681b21a88279d5eb92d6cf17"
x-arc-request-id: 0.51632617.1700156816.cf6ba22
content-type: image/avif
cache-control: private, no-transform, max-age=30882566
server-timing: cdn-cache; desc=HIT, edge; dur=1113, origin; dur=0, ak_p; desc="1700156816564_388391761_217496098_111306_61830_52_295_146";dur=1
content-length: 35059
expires: Fri, 08 Nov 2024 04:16:24 GMT

GET
H2 200 usatsi_19328450_168396005_lowres.jpg
www.si.com/.image/t_share/MTk5MjAxNzk0OTA2MTM4MDE0/ 233 KB
234 KB 276ms
173ms Image
image/jpeg 151.101.2.98
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.si.com/.image/t_share/MTk5MjAxNzk0OTA2MTM4MDE0/usatsi_19328450_168396005_lowres.jpg

Requested by

Host: citizendailypost.com
URL: https://citizendailypost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.98 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

572cba4eb6c727b433fbd506c88200f2eab5974ef06044dc4ff8ceb25e72bee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
via: 1.1 varnish, 1.1 varnish
x-saycdn-ttl: 30028857.000
strict-transport-security: max-age=31557600
age: 1343920
x-say-cacheable: YES
x-say-ttl: 31536000.000
cache-tag: 408385544729915226788354525640923582756,458508228138032562694674978554344320573,6ad8536215968eb1f3494143392c77bf
x-cache: HIT, HIT
server-timing: time-start-msec;dur=1700156816305,time-elapsed;dur=91,fastly-pop;desc=FRA,hit-state;desc=HIT-CLUSTER
content-length: 238517
x-served-by: cache-iad-kiad7000165-IAD, cache-fra-eddf8230070-FRA
last-modified: Sat, 08 Jul 2023 02:30:04 GMT
server: Cloudinary
x-timer: S1700156816.305055,VS0,VE91
etag: "60bae59b0104cffbc3fc77224e5bcd1e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Disposition,Content-Length,Content-Range,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 44, 1

GET
H2 200 20130829_ajw_ay3_090.0.jpg
cdn.vox-cdn.com/thumbor/KDqDz-49gR7xVFaOt5WGFX2ckRQ=/0x100:4000x2767/1200x800/filters:focal(0x100:4000x2767)/cdn.vox-cdn.com/uploads/chorus_image/image/18659755/ 143 KB
144 KB 286ms
94ms Image
image/jpeg 199.232.196.124
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.vox-cdn.com/thumbor/KDqDz-49gR7xVFaOt5WGFX2ckRQ=/0x100:4000x2767/1200x800/filters:focal(0x100:4000x2767)/cdn.vox-cdn.com/uploads/chorus_image/image/18659755/20130829_ajw_ay3_090.0.jpg

Requested by

Host: citizendailypost.com
URL: https://citizendailypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Thumbor/6.7.0 /

Resource Hash

8a121f46f72a30dd301cf7b457b2d97e29cdb175f7c85fb95d5fae96e6aea41e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 16 Nov 2023 17:46:56 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
age: 273614
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146694
x-served-by: cache-fra-eddf8230135-FRA
server: Thumbor/6.7.0
x-timer: S1700156817.569069,VS0,VE2
etag: "2c4d5d2524b831f65e92790ed756f64f54721069"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315576000,public
accept-ranges: bytes
expires: Thu, 20 Oct 2033 18:15:07 GMT

GET
H2 200 shutterstock_1181691859.jpg
www.medicaldevice-network.com/wp-content/uploads/sites/23/2022/06/ 35 KB
36 KB 616ms
112ms Image
image/webp 23.185.0.4
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.medicaldevice-network.com/wp-content/uploads/sites/23/2022/06/shutterstock_1181691859.jpg

Requested by

Host: citizendailypost.com
URL: https://citizendailypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

df56766bb77b14dec921578c7ff8ae5b070ba109071159968d0ea71b6efac6b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits: 0, 3, 1, 0
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 17:46:56 GMT
fastly-io-served-by: img02-europe-west2
age: 28889
x-cache: MISS, HIT, HIT, MISS
fastly-io-info: ifsz=84096 idim=800x600 ifmt=jpeg ofsz=36156 odim=800x600 ofmt=webp
x-pantheon-styx-hostname: styx-fe4-b-66596c678d-6q56h
fastly-stats: io=1
content-length: 36156
x-served-by: cache-ams21080-AMS, cache-ams12758-AMS, cache-fra-eddf8230054-FRA, cache-fra-eddf8230054-FRA
server: nginx
x-timer: S1700156817.872737,VS0,VE44
etag: "ZgqFm4Yq49Fj8MUMfqcgCkCAK6fS1GzZ+YyzZMoYmiM"
vary: Accept
content-type: image/webp
x-styx-req-id: df24c2b9-8464-11ee-83a5-c206a368ff32
cache-control: max-age=31622400
accept-ranges: bytes
expires: Sat, 16 Nov 2024 09:45:27 GMT

GET
H2 200 763f9-16914809049653-1920.jpg
staticg.sportskeeda.com/editor/2023/08/ 105 KB
106 KB 956ms
241ms Image
image/webp 108.156.39.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://staticg.sportskeeda.com/editor/2023/08/763f9-16914809049653-1920.jpg

Requested by

Host: citizendailypost.com
URL: https://citizendailypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.39.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-39-13.lhr50.r.cloudfront.net

Software

Resource Hash

612875da5a70e44bca9545d58b9beacd16415ff883bfa95c6322ce2dc66d391a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 01 Oct 2023 11:12:06 GMT
via: 1.1 db92535f619848d07c0f5eb965b50adc.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 651954052bcb7381eb03f771
x-amz-cf-pop: LHR50-P1
age: 3998091
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.835
alt-svc: h3=":443"; ma=86400
content-length: 107644
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: staticg.sportskeeda.com 2023-08-08
etag: "37zfvhwtj9qvd"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: eATGPBAcRJovdwFDYpIBw-jUbv16l7Cinc-HVVJycjeTHH-6thc4vw==

GET
H2 200 webheader_bluemoon.png
d3ezn0y6hdgq62.cloudfront.net/assets/sld/ 782 KB
783 KB 572ms
58ms Image
image/png 18.239.102.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3ezn0y6hdgq62.cloudfront.net/assets/sld/webheader_bluemoon.png
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.102.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-102-66.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e12aa9e81dc9c4bc03633c8404537c43f2e2fd22f20b104d8e7467b6f12c13a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:31:34 GMT
via: 1.1 5fcfa33730e16a82669ad0b497f19c94.cloudfront.net (CloudFront)
last-modified: Fri, 19 May 2023 15:23:11 GMT
server: AmazonS3
age: 72923
x-amz-cf-pop: AMS1-P3
x-amz-server-side-encryption: AES256
etag: "b9ebd50f9366fe88d0e68fcb9d07fadd"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
content-disposition: attachment
accept-ranges: bytes
content-length: 800953
x-amz-cf-id: Ro988iq7ojMTHhlweLQsVf65wfieuPu65moxJHX-ZkRNwcRVNIfFUg==

GET surgery-1807541_1280.jpg
cdn.pixabay.com/photo/2016/11/08/05/29/ 0
0

GET
H2 200 blue-covid-banner.jpg
www.paho.org/sites/default/files/styles/max_1500x1500/public/2020-03/ 168 KB
169 KB 850ms
286ms Image
image/webp 23.185.0.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paho.org/sites/default/files/styles/max_1500x1500/public/2020-03/blue-covid-banner.jpg

Requested by

Host: citizendailypost.com
URL: https://citizendailypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6e71e1bcb25a09497b68c7765a7f76a40e1b3e713f5c6640df21591de72176dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits: 0, 0, 0, 0
strict-transport-security: max-age=31622400; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 17:46:57 GMT
fastly-io-served-by: img06-europe-west2
age: 297220
x-cache: MISS, MISS, MISS, MISS
fastly-io-info: ifsz=310201 idim=1420x703 ifmt=jpeg ofsz=172346 odim=1420x703 ofmt=webp
x-pantheon-styx-hostname: styx-fe4-b-5f789cc6cc-kw6lb
fastly-stats: io=1
content-length: 172346
x-xss-protection: 1; mode=block
x-served-by: cache-ams21021-AMS, cache-ams12754-AMS, cache-fra-eddf8230100-FRA, cache-fra-eddf8230100-FRA
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-timer: S1700156817.934996,VS0,VE241
etag: "Qbo1GbNTlxqEXDKdaU1EDJxjgacA5zB4ZfIJ5zjdKb4"
x-frame-options: SAMEORIGIN
vary: Accept
content-type: image/webp
x-styx-req-id: 1dd8a103-81f4-11ee-bafc-d6e43318f7cd
cache-control: max-age=31622400
accept-ranges: bytes
expires: Wed, 13 Nov 2024 07:13:16 GMT

GET
H2 200 dae60f9e-6bc2-4d87-84e0-b5c73f5b701b_750x422.jpg
media.tegna-media.com/assets/VERIFY/images/dae60f9e-6bc2-4d87-84e0-b5c73f5b701b/ 75 KB
76 KB 814ms
300ms Image
image/jpeg 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tegna-media.com/assets/VERIFY/images/dae60f9e-6bc2-4d87-84e0-b5c73f5b701b/dae60f9e-6bc2-4d87-84e0-b5c73f5b701b_750x422.jpg
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 20be544153c32cbe14e1016be61c8a191f50345a6cda2ecb83ee0cc86ccebe24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 8BdPI9mb.tBUP0R4PGK6MAM50w_UXz6p
date: Thu, 16 Nov 2023 17:46:57 GMT
last-modified: Mon, 07 Aug 2023 23:52:43 GMT
server: AmazonS3
x-amz-request-id: X6AWFPA37X2A7ZD9
etag: "8f7d898abf0730e022a9909325622f4e"
x-amz-server-side-encryption: AES256
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1295980
accept-ranges: bytes
content-length: 77022
x-amz-id-2: Nqf+5gxf+/s/IgIpv/9Bb17lKeBKhdYA3y8tKRCfMShoHnweLAwq/LNa21G2adUmPf3RF8G5Vyw=
expires: Fri, 01 Dec 2023 17:46:37 GMT

GET
H2 200 rewind-the-shining-credit-imdb.jpg
archive.themedium.ca/wp-content/uploads/2019/10/ 143 KB
143 KB 851ms
337ms Image
image/jpeg 69.174.52.39
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archive.themedium.ca/wp-content/uploads/2019/10/rewind-the-shining-credit-imdb.jpg
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.174.52.39 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS
Software: Apache /
Resource Hash: b5f81a242db048a71aacf58bbd369bbf3e4c0e70c3469051ec04d437203bd35d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
last-modified: Sun, 22 Aug 2021 02:16:28 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 146098
expires: Fri, 15 Mar 2024 17:46:56 GMT

GET
H2 200 2589576.jpg
www.thebeachguide.co.uk/public/geophotos/ 75 KB
76 KB 549ms
339ms Image
image/jpeg 109.228.36.162
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thebeachguide.co.uk/public/geophotos/2589576.jpg
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.228.36.162 Alton, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: itpz.com
Software: nginx /
Resource Hash: bc6ef3cf9d49cf5091a8466304c85e7aeee969ec53985acaa2038bf93c4f4e8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Thu, 16 Nov 2023 17:46:56 GMT
last-modified: Mon, 05 Oct 2015 14:18:46 GMT
server: nginx
etag: "561286c6-12d1a"
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 77082

GET
H2 200 _114381013_beach2.png.jpg
ichef.bbci.co.uk/news/976/cpsprodpb/792A/production/ 102 KB
103 KB 814ms
50ms Image
image/jpeg 23.73.140.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ichef.bbci.co.uk/news/976/cpsprodpb/792A/production/_114381013_beach2.png.jpg
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.140.140 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-140-140.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e196a7afcddd4645b89dc82a414436d831e7766850f2b446df9e50a625f63a54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:57 GMT
last-modified: Tue, 15 Sep 2020 10:28:44 GMT
server: AmazonS3
etag: "694c153a937d508b312e0c75e1dc6c26"
access-control-max-age: 300
access-control-allow-methods: HEAD,GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers: *
content-length: 104829
expires: Sat, 07 Sep 2024 19:38:51 GMT

GET
H2 200 0_GettyImages-176637016.jpg
i2-prod.bristolpost.co.uk/incoming/article4374561.ece/ALTERNATES/s1200d/ 82 KB
83 KB 496ms
328ms Image
image/webp 18.66.112.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.bristolpost.co.uk/incoming/article4374561.ece/ALTERNATES/s1200d/0_GettyImages-176637016.jpg

Requested by

Host: citizendailypost.com
URL: https://citizendailypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-90.fra56.r.cloudfront.net

Software

Apache-Coyote/1.1 /

Resource Hash

c3967e514a368272932b8b69b62ec63dd04a519427bb11d11b4d4230db7724de

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
x-removedcookies: YES
content-length: 84416
x-served-by: ron-cache-plus302.tm-aws.com
last-modified: Wed, 29 Jul 2020 10:18:30 GMT
server: Apache-Coyote/1.1
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
x-varnish: 461101565
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-cf-id: gp350H6Waa86v7BkbTeoNGbZnm9BTDuEte_ftDX_SkbGj_QylBV34g==

GET
H2 200 BarafundleBeach_StackpoleEstate_WalesUK.jpg
upload.wikimedia.org/wikipedia/commons/6/6a/ 426 KB
427 KB 336ms
121ms Image
image/jpeg 185.15.59.240
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/6/6a/BarafundleBeach_StackpoleEstate_WalesUK.jpg

Requested by

Host: citizendailypost.com
URL: https://citizendailypost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.15.59.240 , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

upload-lb.esams.wikimedia.org

Software

ATS/9.1.4 /

Resource Hash

d64bfc3d3029576d1f027c830bb45a018d2492f3139e45eb7b6a4e0b5d21c74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 10:58:39 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 24497
x-cache-status: hit-local
x-cache: cp3080 hit, cp3080 miss
server-timing: cache;desc="hit-local", host;desc="cp3080"
content-length: 436242
x-client-ip: 37.58.58.244
x-object-meta-sha1base36: 2u0d7iejclpfgxxfob1hwkja79qeh2o
last-modified: Sat, 05 Oct 2013 01:14:22 GMT
server: ATS/9.1.4
etag: f659b6474a27f3902060efaf3d9a1278
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-min.js Show response
citizendailypost.com/assets/js/ 90 KB
33 KB 577ms
574ms Script
application/javascript 104.21.81.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://citizendailypost.com/assets/js/jquery-min.js
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a02723a046f7aa67dc559e0f297110b3085cbcc550af724b49920387e9e1fc09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Jan 2015 04:38:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjs%2BmyWh%2B9t%2BSrIsFJ%2FFQeHwS6niO93EcPtYs0zAbza%2BJduPKXN1HDdeKqqQVNLnMhR41nSlVJu%2FmKbrnzmSNS%2BSyFimCUAvzP5vPEDpHJYxyTCto3gqgldryAYtj1lqSQX3DKofyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82718e627d8af0a7-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.js Show response
citizendailypost.com/assets/js/ 27 KB
8 KB 426ms
423ms Script
application/javascript 104.21.81.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://citizendailypost.com/assets/js/bootstrap.min.js
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Aug 2013 14:49:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NNxHopzbxaYi8N02JT7EJITjXXKzW1uJQ4yqd%2FvplN5M0P6yQNYvzZdC%2FAOWv0wt0eaUiP1H8rgCCeA3YP%2B%2BcBV%2BHt4KtMxjgbNPuT%2BpVCy9zl1sRF62Lx3ZqnOPRLmzKZIjh3YqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82718e627d8bf0a7-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.bxslider.js Show response
citizendailypost.com/assets/js/ 48 KB
12 KB 647ms
644ms Script
application/javascript 104.21.81.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://citizendailypost.com/assets/js/jquery.bxslider.js
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c88508e00768812f51e004349364887351c0139b44b126479e06c08bcd5af4fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 18 Sep 2013 21:46:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDi4M7venvX0yhLnSKkRXMXEkz%2BiQj1Vcrzr0JSYpC3kHZJ%2BY40pijTh1%2FNYvxXM8rca8EV7LW2WA0X6dc6ZEh60JzvQPdXqFzjLEQ6DfUqk6xTAFQU3pjQOBwSyAxBa2nRAGxoiKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82718e627d8df0a7-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 selectnav.min.js Show response
citizendailypost.com/assets/js/ 2 KB
1 KB 417ms
415ms Script
application/javascript 104.21.81.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://citizendailypost.com/assets/js/selectnav.min.js
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ee3cdbbb9ad5b42e0d0a5b5e9b44d90a62efd3fb932a09c123033bd045a987d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 Mar 2013 21:48:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xBsKVF6Ij5q10nRQDlhAHmO3XUsenNd6ydxoCyVfjqVdyr60RLv514Hz0qkETNQtH6E34Dh6U87huS2Cz0GD0InEOWESCQKNLrX4wDFssLka%2BcMGQbwfgHh%2FWTl9mAcM9d2q371vA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82718e629dbdf0a7-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 site_bg.png
citizendailypost.com/assets/css/images/ 98 KB
99 KB 726ms
725ms Image
image/png 104.21.81.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizendailypost.com/assets/css/images/site_bg.png
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6df812d2e8bb09ca404090705ddcce1135eb01b15087173d9bd1e46b9f806cc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Jan 2014 16:12:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omoT5EBPYos3oCbhWL%2FN3yNMksgZorM9QVBldduQhp0TbOtwFZUAbw9MxHTt6OXr4fH3Fhreg%2FmrR%2BdNHcF53%2FD8Qpt6LXda%2FeBRs%2B8ag4T7iDNi0ts0rO%2FL37%2BoZVP0Ey2lU9Ml3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82718e664c95f0a7-CDG
alt-svc: h3=":443"; ma=86400
content-length: 100556

GET
H2 200 body_bg.png
citizendailypost.com/assets/css/images/ 1 KB
1 KB 448ms
447ms Image
image/png 104.21.81.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizendailypost.com/assets/css/images/body_bg.png
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eb142aff283ef7ba6aab2e8a67e9cdcb1ae0578a8cd234a357b9be6b6341744

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Jan 2014 16:13:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zu2pIR9x5IzI9HbFqH%2FF6xRWuVb6NXEm%2F0BQaaM90TCwMEqQaNoWLzkkTfGmcxJcInxlTW8sS76fUgRhowKdC0UsJ9ry%2Fj0z2B5nhM%2BOfThDg9%2FX8crBY%2FJBYnuSQyF%2FF%2BImOxoqUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82718e664c96f0a7-CDG
alt-svc: h3=":443"; ma=86400
content-length: 1039

GET
H2 200 social_icons.png
citizendailypost.com/assets/css/images/ 4 KB
5 KB 532ms
531ms Image
image/png 104.21.81.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizendailypost.com/assets/css/images/social_icons.png
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb04158c866fdc034c335e330963c449ce5f8343b69dc6d5d2ee2b6b37e75049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Jan 2014 16:11:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6DOHOpTcbKfZ0rSoT8j4PxJKQjJsGbenQU%2B6VcaZqCkbPyJpES%2FLO7jiQ%2BQocyYO8ZpsBWvhdSQR3C3aZLGqayiynK3E5Mlk2iXcoNCeKl9Bvc1NzG8diD1aJ5PntZp2csIdsdOHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82718e664c98f0a7-CDG
alt-svc: h3=":443"; ma=86400
content-length: 4510

GET
H2 200 search.png
citizendailypost.com/assets/css/images/ 1 KB
2 KB 271ms
271ms Image
image/png 104.21.81.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizendailypost.com/assets/css/images/search.png
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbf4614978a71e37daa8165413f14e3a01f0fb735a4ef4384a5e3be88178062a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Jan 2014 16:10:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcWkYDPHtCnTi3qQ9BsQz2oqW5Nnh0HA%2FBZDyETHViM5Hz0Ng8m1TtyjWtTnGpIjx6zKOu5HmVWAyYxNiRaM%2BfDYbnw%2BTsnSXXN8IaHBMraz1A3L%2BI1Jl6emwJOT2NdyCkMeaLjL%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82718e664c9bf0a7-CDG
alt-svc: h3=":443"; ma=86400
content-length: 1423

GET
H2 200 plus.png
citizendailypost.com/assets/css/images/ 1020 B
1 KB 530ms
529ms Image
image/png 104.21.81.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizendailypost.com/assets/css/images/plus.png
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aff6435a542ad8afd3f959d426fcc010b211b954c25ff96ed9346147cc29fd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Jan 2014 19:09:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJrjTQ1%2F0bKQUGU0YZK9ovmQaLOmOWAploi7LcU60rCTIAGKsa8oF%2BGM74lZlG6EQ3GHj4TORSp70Ra7IJGq2A0Zqmk5fQsSbx30Kg5YWpHnytOt4b6hI%2Fi6c3uikWN%2F54mXiXSBNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82718e664c9df0a7-CDG
alt-svc: h3=":443"; ma=86400
content-length: 1020

GET
H2 200 bebas___-webfont.woff
citizendailypost.com/assets/font/fonts/ 12 KB
12 KB 529ms
528ms Font
font/woff 104.21.81.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://citizendailypost.com/assets/font/fonts/bebas___-webfont.woff
Requested by: Host: citizendailypost.com
URL: https://citizendailypost.com/assets/font/font.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5ac9e75b48a0625c33d1ba22d45f322505d12bc99cb9b81f830509936228d96

Request headers

Referer: https://citizendailypost.com/assets/font/font.css
Origin: https://citizendailypost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:56 GMT
cf-cache-status: MISS
last-modified: Tue, 24 Dec 2013 03:49:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJ4dqGb7c%2F493igmOrk6qCVrIe1jiMfw5zS%2FgnbYHHPFX6k0dMV2rU%2FpYjL4bhT%2Fp%2B7sJIW1wSj663BfYg%2F7J3PK8FSY7jK4B1FtZ%2BQI%2BzIjrUf4qRCcuJbH0uKPZm9qbGmZ9v8Fxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82718e664ca0f0a7-CDG
alt-svc: h3=":443"; ma=86400
content-length: 12188

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/ 397 KB
135 KB 789ms
122ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6790618165462490&plah=citizendailypost.com&bust=31079756

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6790618165462490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

ee6a56717d97b1b3d2c374d419c8d1e1c79f5c344d51e16502add50c8e26b1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizendailypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137294
x-xss-protection: 0
server: cafe
etag: 14358183190151402027
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 17:46:57 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 0662 9 KB
4 KB 558ms
79ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6790618165462490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizendailypost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 07:40:08 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 07:40:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD37 23 KB
5 KB 623ms
613ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&adk=1812271804&adf=3025194257&lmt=1700156817&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156816392&bpp=12&bdt=671&idt=917&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5592825283792&frm=20&pv=2&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=951

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6790618165462490&plah=citizendailypost.com&bust=31079756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

327d16734eb48aed933c859b68b56234dbadc6035565cdf6d0c5a05d5d1ce1fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizendailypost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5335
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 17:46:57 GMT
expires: Thu, 16 Nov 2023 17:46:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A48 736 B
589 B 222ms
219ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=600&slotname=7369555951&adk=1018775299&adf=1624120734&pi=t.ma~as.7369555951&w=190&fwrn=4&fwrnh=100&lmt=1700156817&rafmt=1&format=190x600&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156816404&bpp=2&bdt=683&idt=944&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=810&ady=2182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=961

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

5449456c5a8f87394fff35fde57e8c7a34d25cd8086ddeeefff8c940d2d97645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizendailypost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 366
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 17:46:57 GMT
expires: Thu, 16 Nov 2023 17:46:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9122 57 KB
19 KB 332ms
332ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=600&slotname=5181542163&adk=1444665505&adf=746076874&pi=t.ma~as.5181542163&w=250&fwrn=4&fwrnh=100&lmt=1700156817&rafmt=1&format=250x600&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156816406&bpp=1&bdt=685&idt=973&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C190x600&nras=1&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=977

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

9b63760debad820db3fe797b22998d3238557e0505e40d98670b1e98ae0408e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizendailypost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 19316
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 17:46:57 GMT
expires: Thu, 16 Nov 2023 17:46:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5418 736 B
533 B 476ms
474ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=860&slotname=2712125646&adk=1354433015&adf=2339404175&pi=t.ma~as.2712125646&w=250&cr_col=1&cr_row=13&fwrn=2&lmt=1700156817&rafmt=9&format=250x860&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156816407&bpp=1&bdt=686&idt=980&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C190x600%2C250x600&nras=1&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=983

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ba0623ee5a6b9ac08f7c830f930daf0b623f1496d3d6da38695a12f9608c367c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizendailypost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 364
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 17:46:57 GMT
expires: Thu, 16 Nov 2023 17:46:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2417 736 B
537 B 210ms
209ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=280&slotname=9713165186&adk=2248590900&adf=3198278716&pi=t.ma~as.9713165186&w=730&fwrn=4&fwrnh=100&lmt=1700156817&rafmt=1&format=730x280&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156816408&bpp=1&bdt=687&idt=984&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C190x600%2C250x600%2C250x860&nras=1&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=435&ady=3850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=992

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

6da5c183e1f7c70b6c8a8e044acca40afe6b5d5cfebc6f040811154ca6a94ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizendailypost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 364
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 17:46:57 GMT
expires: Thu, 16 Nov 2023 17:46:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame A97D 91 KB
36 KB 503ms
36ms Script
application/javascript 13.107.213.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=600&slotname=5181542163&adk=1444665505&adf=746076874&pi=t.ma~as.5181542163&w=250&fwrn=4&fwrnh=100&lmt=1700156817&rafmt=1&format=250x600&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156816406&bpp=1&bdt=685&idt=973&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C190x600&nras=1&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=977
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 16 Nov 2023 17:46:58 GMT
content-encoding: br
last-modified: Fri, 10 Nov 2023 19:05:36 GMT
vary: Accept-Encoding
x-azure-ref: 20231116T174658Z-qrmemc1zbd39t01vkq5fzpy9gg00000000tg00000003hkmt
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cc781051-701e-0094-4953-1821c1000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame A97D 80 KB
28 KB 313ms
103ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=600&slotname=5181542163&adk=1444665505&adf=746076874&pi=t.ma~as.5181542163&w=250&fwrn=4&fwrnh=100&lmt=1700156817&rafmt=1&format=250x600&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156816406&bpp=1&bdt=685&idt=973&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C190x600&nras=1&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=977
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires: Thu, 14 Nov 2024 14:07:00 GMT
Date: Thu, 16 Nov 2023 17:46:57 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 99597
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27680
X-Served-By: cache-lga21956-LGA, cache-fra-eddf8230029-FRA
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
X-Timer: S1700156818.972072,VS0,VE0
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 7, 180987

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A97D 3 KB
1 KB 442ms
31ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=600&slotname=5181542163&adk=1444665505&adf=746076874&pi=t.ma~as.5181542163&w=250&fwrn=4&fwrnh=100&lmt=1700156817&rafmt=1&format=250x600&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156816406&bpp=1&bdt=685&idt=973&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C190x600&nras=1&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A97D 20 KB
9 KB 441ms
29ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 21:33:06 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A97D 203 KB
64 KB 538ms
108ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 17:46:58 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame A97D
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=65945a5f-2b3b-46c2-9915-9c99b0938bf1&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=45a3d5ae-b850-4d20...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4eb8f1a848a8472d9ecae7f4bc1ca5ed&SNR=1&GV=2&med=10

0
546 B

57ms
57ms

Image
text/plain

92.123.104.53
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4eb8f1a848a8472d9ecae7f4bc1ca5ed&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=600&slotname=5181542163&adk=1444665505&adf=746076874&pi=t.ma~as.5181542163&w=250&fwrn=4&fwrnh=100&lmt=1700156817&rafmt=1&format=250x600&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156816406&bpp=1&bdt=685&idt=973&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C190x600&nras=1&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=977
Protocol: H2
Server: 92.123.104.53 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-104-53.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 17:46:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7A4B3877D18A4F9B8167EA5ED2C8BA6C Ref B: FRAEDGE1916 Ref C: 2023-11-16T17:46:58Z
x-cdn-traceid: 0.b5a72917.1700156818.473c603
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 16 Nov 2023 17:46:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E5F9631857AE4B8C87C180E4C7762BFD Ref B: FRAEDGE1506 Ref C: 2023-11-16T17:46:58Z
x-cdn-traceid: 0.b5a72917.1700156818.473c556
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4eb8f1a848a8472d9ecae7f4bc1ca5ed&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 45D8 59 KB
20 KB 321ms
313ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=280&adk=3819879894&adf=3754241251&pi=t.aa~a.2007806693~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1700156818&rafmt=1&to=qs&pwprc=8545908949&format=450x280&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156818022&bpp=1&bdt=2301&idt=-M&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9829746cf0be07b%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_MYTr8cbsbh0gD9uv-QwkjEpQYTElw&gpic=UID%3D00000cdc1b62a66c%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_Mawy7cxMzSOA_KyxcxEAddPh6i2Zg&prev_fmts=0x0%2C190x600%2C250x600%2C250x860%2C730x280&nras=2&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

28eaee0fbd7399a3d609a7ec907457364adefdc6dac485d5f480b2e510300fbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizendailypost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 20445
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 17:46:58 GMT
expires: Thu, 16 Nov 2023 17:46:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F199 436 B
511 B 435ms
433ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=240&adk=157853398&adf=798835492&pi=t.aa~a.4218541922~rp.4&w=190&fwrn=4&fwrnh=100&lmt=1700156818&rafmt=1&to=qs&pwprc=8545908949&format=190x240&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156818022&bpp=1&bdt=2301&idt=-M&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9829746cf0be07b%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_MYTr8cbsbh0gD9uv-QwkjEpQYTElw&gpic=UID%3D00000cdc1b62a66c%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_Mawy7cxMzSOA_KyxcxEAddPh6i2Zg&prev_fmts=0x0%2C190x600%2C250x600%2C250x860%2C730x280%2C450x280&nras=3&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=810&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=16

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

12d6793a79246368e1eb75580f35a62d27b4ab05729cc4294a4ebf36650ed99c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizendailypost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 17:46:58 GMT
expires: Thu, 16 Nov 2023 17:46:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BDB5 436 B
511 B 433ms
433ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=100&adk=2346013718&adf=261726550&pi=t.aa~a.2007809772~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1700156818&rafmt=1&to=qs&pwprc=8545908949&format=450x100&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156818022&bpp=1&bdt=2301&idt=1&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9829746cf0be07b%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_MYTr8cbsbh0gD9uv-QwkjEpQYTElw&gpic=UID%3D00000cdc1b62a66c%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_Mawy7cxMzSOA_KyxcxEAddPh6i2Zg&prev_fmts=0x0%2C190x600%2C250x600%2C250x860%2C730x280%2C450x280%2C190x240&nras=4&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=21

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

db74717c5763fa6adedfc37f045c9d79f74131300dae8ff7bf1146956c740445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizendailypost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 17:46:58 GMT
expires: Thu, 16 Nov 2023 17:46:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 th
www.bing.com/ Frame A97D 13 KB
14 KB 28ms
28ms Image
image/jpeg 92.123.104.53
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7559278251313_15J4VO53MY5SQ3K7OM&pid=21.2&c=16&roil=0.2376&roit=0&roir=0.761&roib=1&w=180&h=180&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=600&slotname=5181542163&adk=1444665505&adf=746076874&pi=t.ma~as.5181542163&w=250&fwrn=4&fwrnh=100&lmt=1700156817&rafmt=1&format=250x600&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156816406&bpp=1&bdt=685&idt=973&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C190x600&nras=1&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=977
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.104.53 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-104-53.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dd7b8e685175e469859988bf142c269bb17404561b484fc3f26346020ab426d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.b5a72917.1700156818.473c72d
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 13664
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame A97D 0
532 B 184ms
64ms Script
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fcitizendailypost.com&e=wqT_3QLwA-jwAQAAAwDWAAUBCJGr2aoGEIWwtLfGi5GVeBgAKjYJw0_VNdR8lD8RHmTpBVHxkz8ZAAAAAClc5z8hHg0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR44PYFgAEBigEDVVNEkgUG8LyYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCHGh0dHBzOi8vY2l0aXplbmRhaWx5cG9zdC5jb22AAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFzcOarOH3-Ys9wAUAyQUhERwAAPA_0gUJCQkMeAAA2AUB4AUB8AX2lET6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH4PYF0gcNFWUBJgjaBwYBXqQYAOAHAOoHAggA8AfBwAKKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=08fda6d10d3e50338bc62e9332e0338cac29d044&bdref=https%3A%2F%2Fcitizendailypost.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fcitizendailypost.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6790618165462490%26output%3Dhtml%26h%3D600%26slotname%3D5181542163%26adk%3D1444665505%26adf%3D746076874%26pi%3Dt.ma~as.5181542163%26w%3D250%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1700156817%26rafmt%3D1%26format%3D250x600%26url%3Dhttps%253A%252F%252Fcitizendailypost.com%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700156816406%26bpp%3D1%26bdt%3D685%26idt%3D973%26shv%3Dr20231109%26mjsv%3Dm202311140101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C190x600%26nras%3D1%26correlator%3D5592825283792%26frm%3D20%26pv%3D1%26ga_vid%3D1048506059.1700156817%26ga_sid%3D1700156817%26ga_hid%3D1122465091%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1020%26ady%3D1199%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079491%252C31078301%252C31079756%252C44807764%252C44808149%252C44808285%252C44809056%26oid%3D2%26pvsid%3D747635491595571%26tmod%3D1276933875%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeoE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D977,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6790618165462490%26output%3Dhtml%26h%3D600%26slotname%3D5181542163%26adk%3D1444665505%26adf%3D746076874%26pi%3Dt.ma~as.5181542163%26w%3D250%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1700156817%26rafmt%3D1%26format%3D250x600%26url%3Dhttps%253A%252F%252Fcitizendailypost.com%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700156816406%26bpp%3D1%26bdt%3D685%26idt%3D973%26shv%3Dr20231109%26mjsv%3Dm202311140101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C190x600%26nras%3D1%26correlator%3D5592825283792%26frm%3D20%26pv%3D1%26ga_vid%3D1048506059.1700156817%26ga_sid%3D1700156817%26ga_hid%3D1122465091%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1020%26ady%3D1199%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079491%252C31078301%252C31079756%252C44807764%252C44808149%252C44808285%252C44809056%26oid%3D2%26pvsid%3D747635491595571%26tmod%3D1276933875%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeoE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D977&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 17:46:58 GMT
an-x-request-uuid: 8ad74cda-bce5-4f56-969c-ff950b1371c1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.244; 37.58.58.244; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 3CA9 91 KB
36 KB 42ms
36ms Script
application/javascript 13.107.213.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=280&adk=3819879894&adf=3754241251&pi=t.aa~a.2007806693~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1700156818&rafmt=1&to=qs&pwprc=8545908949&format=450x280&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156818022&bpp=1&bdt=2301&idt=-M&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9829746cf0be07b%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_MYTr8cbsbh0gD9uv-QwkjEpQYTElw&gpic=UID%3D00000cdc1b62a66c%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_Mawy7cxMzSOA_KyxcxEAddPh6i2Zg&prev_fmts=0x0%2C190x600%2C250x600%2C250x860%2C730x280&nras=2&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 16 Nov 2023 17:46:58 GMT
content-encoding: br
last-modified: Fri, 10 Nov 2023 19:05:36 GMT
vary: Accept-Encoding
x-azure-ref: 20231116T174658Z-qrmemc1zbd39t01vkq5fzpy9gg00000000tg00000003hkp4
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cc781051-701e-0094-4953-1821c1000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 3CA9 80 KB
28 KB 45ms
40ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=280&adk=3819879894&adf=3754241251&pi=t.aa~a.2007806693~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1700156818&rafmt=1&to=qs&pwprc=8545908949&format=450x280&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156818022&bpp=1&bdt=2301&idt=-M&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9829746cf0be07b%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_MYTr8cbsbh0gD9uv-QwkjEpQYTElw&gpic=UID%3D00000cdc1b62a66c%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_Mawy7cxMzSOA_KyxcxEAddPh6i2Zg&prev_fmts=0x0%2C190x600%2C250x600%2C250x860%2C730x280&nras=2&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires: Thu, 14 Nov 2024 14:07:00 GMT
Date: Thu, 16 Nov 2023 17:46:58 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 99598
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27680
X-Served-By: cache-lga21956-LGA, cache-fra-eddf8230029-FRA
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
X-Timer: S1700156818.400707,VS0,VE0
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 7, 180988

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3CA9 3 KB
1 KB 36ms
32ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=280&adk=3819879894&adf=3754241251&pi=t.aa~a.2007806693~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1700156818&rafmt=1&to=qs&pwprc=8545908949&format=450x280&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156818022&bpp=1&bdt=2301&idt=-M&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9829746cf0be07b%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_MYTr8cbsbh0gD9uv-QwkjEpQYTElw&gpic=UID%3D00000cdc1b62a66c%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_Mawy7cxMzSOA_KyxcxEAddPh6i2Zg&prev_fmts=0x0%2C190x600%2C250x600%2C250x860%2C730x280&nras=2&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3CA9 20 KB
8 KB 34ms
31ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 21:33:06 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3CA9 203 KB
64 KB 41ms
39ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 17:46:58 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 3CA9
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0164e3b7-8de6-4daf-aa83-5f8941ae2820&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=c8069bbc-5742-4f26...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4da276d6b29b4e36882d5a01bba25965&SNR=1&GV=2&med=10

0
546 B

68ms
68ms

Image
text/plain

92.123.104.53
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4da276d6b29b4e36882d5a01bba25965&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=280&adk=3819879894&adf=3754241251&pi=t.aa~a.2007806693~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1700156818&rafmt=1&to=qs&pwprc=8545908949&format=450x280&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156818022&bpp=1&bdt=2301&idt=-M&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9829746cf0be07b%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_MYTr8cbsbh0gD9uv-QwkjEpQYTElw&gpic=UID%3D00000cdc1b62a66c%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_Mawy7cxMzSOA_KyxcxEAddPh6i2Zg&prev_fmts=0x0%2C190x600%2C250x600%2C250x860%2C730x280&nras=2&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol: H2
Server: 92.123.104.53 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-104-53.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 17:46:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2867CE7AB4AF447DA0B05399417918D1 Ref B: FRAEDGE2007 Ref C: 2023-11-16T17:46:58Z
x-cdn-traceid: 0.b5a72917.1700156818.473c8c9
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 16 Nov 2023 17:46:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6C54545F68F14625B406ECF2166DBD89 Ref B: FRAEDGE1213 Ref C: 2023-11-16T17:46:58Z
x-cdn-traceid: 0.b5a72917.1700156818.473c7f6
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4da276d6b29b4e36882d5a01bba25965&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame 3CA9 28 KB
28 KB 56ms
55ms Image
image/jpeg 92.123.104.53
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215888778896_1I4GJWGNN8REU77TQI&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=336&h=176&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=280&adk=3819879894&adf=3754241251&pi=t.aa~a.2007806693~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1700156818&rafmt=1&to=qs&pwprc=8545908949&format=450x280&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156818022&bpp=1&bdt=2301&idt=-M&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9829746cf0be07b%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_MYTr8cbsbh0gD9uv-QwkjEpQYTElw&gpic=UID%3D00000cdc1b62a66c%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_Mawy7cxMzSOA_KyxcxEAddPh6i2Zg&prev_fmts=0x0%2C190x600%2C250x600%2C250x860%2C730x280&nras=2&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.104.53 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-104-53.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 05ffd690ad946159b6c27f4095b8e79d9b5d6d2c77e4af19b0960dbda2a1079c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.b5a72917.1700156818.473c89b
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 28722
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 3CA9 0
531 B 124ms
123ms Script
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fcitizendailypost.com&e=wqT_3QLwA-jwAQAAAwDWAAUBCJKr2aoGEI3Zl_azyOKDeRgAKjYJzRrSgrJyoD8RaXC8WLECoD8ZAAAAAClc5z8haQ0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR44PQFgAEBigEDVVNEkgUG8LyYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCHGh0dHBzOi8vY2l0aXplbmRhaWx5cG9zdC5jb22AAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFiaKOg9y1iewLwAUAyQUhERwAAPA_0gUJCQkMeAAA2AUB4AUB8AXOmwH6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH4PQF0gcNFWUBJgjaBwYBXqQYAOAHAOoHAggA8AfBwAKKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=9c2ca5bbe036a8afff6b02306b593d9d6000100f&bdref=https%3A%2F%2Fcitizendailypost.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fcitizendailypost.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6790618165462490%26output%3Dhtml%26h%3D280%26adk%3D3819879894%26adf%3D3754241251%26pi%3Dt.aa~a.2007806693~rp.4%26w%3D450%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1700156818%26rafmt%3D1%26to%3Dqs%26pwprc%3D8545908949%26format%3D450x280%26url%3Dhttps%253A%252F%252Fcitizendailypost.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700156818022%26bpp%3D1%26bdt%3D2301%26idt%3D-M%26shv%3Dr20231109%26mjsv%3Dm202311140101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Db9829746cf0be07b%253AT%253D1700156817%253ART%253D1700156817%253AS%253DALNI_MYTr8cbsbh0gD9uv-QwkjEpQYTElw%26gpic%3DUID%253D00000cdc1b62a66c%253AT%253D1700156817%253ART%253D1700156817%253AS%253DALNI_Mawy7cxMzSOA_KyxcxEAddPh6i2Zg%26prev_fmts%3D0x0%252C190x600%252C250x600%252C250x860%252C730x280%26nras%3D2%26correlator%3D5592825283792%26frm%3D20%26pv%3D1%26ga_vid%3D1048506059.1700156817%26ga_sid%3D1700156817%26ga_hid%3D1122465091%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D330%26ady%3D1414%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079491%252C31078301%252C31079756%252C44807764%252C44808149%252C44808285%252C44809056%26oid%3D2%26pvsid%3D747635491595571%26tmod%3D1276933875%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D6%26uci%3Da!6%26btvi%3D4%26fsb%3D1%26dtd%3D5,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6790618165462490%26output%3Dhtml%26h%3D280%26adk%3D3819879894%26adf%3D3754241251%26pi%3Dt.aa~a.2007806693~rp.4%26w%3D450%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1700156818%26rafmt%3D1%26to%3Dqs%26pwprc%3D8545908949%26format%3D450x280%26url%3Dhttps%253A%252F%252Fcitizendailypost.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700156818022%26bpp%3D1%26bdt%3D2301%26idt%3D-M%26shv%3Dr20231109%26mjsv%3Dm202311140101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Db9829746cf0be07b%253AT%253D1700156817%253ART%253D1700156817%253AS%253DALNI_MYTr8cbsbh0gD9uv-QwkjEpQYTElw%26gpic%3DUID%253D00000cdc1b62a66c%253AT%253D1700156817%253ART%253D1700156817%253AS%253DALNI_Mawy7cxMzSOA_KyxcxEAddPh6i2Zg%26prev_fmts%3D0x0%252C190x600%252C250x600%252C250x860%252C730x280%26nras%3D2%26correlator%3D5592825283792%26frm%3D20%26pv%3D1%26ga_vid%3D1048506059.1700156817%26ga_sid%3D1700156817%26ga_hid%3D1122465091%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D330%26ady%3D1414%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079491%252C31078301%252C31079756%252C44807764%252C44808149%252C44808285%252C44809056%26oid%3D2%26pvsid%3D747635491595571%26tmod%3D1276933875%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D6%26uci%3Da!6%26btvi%3D4%26fsb%3D1%26dtd%3D5&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 17:46:58 GMT
an-x-request-uuid: 65a70829-4354-464f-a8fd-6015023e5275
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.244; 37.58.58.244; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A97D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a411655cdcf0172cfa13e7ca5bc1daa12d267d44aeb353d48eaf4f31c042b979

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame A97D 0
134 B 82ms
78ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CoOEhkVVWZe7bGeW51fAPodKyUNLg1-Buj6S2k5MKwI23ARABIABglcKDgpgHggEXY2EtcHViLTY3OTA2MTgxNjU0NjI0OTDIAQmoAwHIAwKqBPMBT9BNKn1_xzJgufNeWaB9D91vZsRA6iouDlTLxld52PjSNhh0PrZ4LxAhKEtpM40QdDmNAIlv7ek4Bq7o0twpVpOBZMkrNgJ0ZwreOpChL2sVj0_fdcQaJy-zJLE4EKWzY6aSC4zPZeVe1w6WJCyMEpMzqMCNwH9vg_zgrr_CdKFcJSaSraWuxCKjeaTmKwWUI7VMETFeIyca4Pd3LSoOYergMeYZLdPfWlUwJLQXpcuEPPTTdxphIlGRWZ2r8fIS4UNISpjbsn0OaRUy6XkQT2WerA0LMWpdspxXTEhYv3PZFe-6STD0lcXGOV1L622gBcHvgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY3OTA2MTgxNjU0NjI0OTAYAA&sigh=tQSifTHxl1w&uach_m=[UACH]&cid=CAQSTgDICaaNN-yGSwfbVy3CapqVYFNJ6lYRZ644MyKUMk0nDgM_1F9sIE74qODiIZ2UZtnLL0r6_ke0vSGispZNLxXPs-wJJVbe9g00jfr_7RgB&cbvp=2&vis=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=600&slotname=5181542163&adk=1444665505&adf=746076874&pi=t.ma~as.5181542163&w=250&fwrn=4&fwrnh=100&lmt=1700156817&rafmt=1&format=250x600&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156816406&bpp=1&bdt=685&idt=973&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C190x600&nras=1&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Nov 2023 17:46:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame A97D 0
531 B 28ms
25ms Image
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fcitizendailypost.com&e=wqT_3QKkB-ikAwAAAwDWAAUBCJGr2aoGEIWwtLfGi5GVeBgAKjYJw0_VNdR8lD8RHmTpBVHxkz8ZAAAAAClc5z8hHg0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR44PYFgAEBigEDVVNEkgUG9GkBmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAhxodHRwczovL2NpdGl6ZW5kYWlseXBvc3QuY29tgAMAiAMBkAMAmAMJoAMBqgOwAwrGAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTQ1YTNkNWFlLWI4NTAtNGQyMC1hMzkzLTUxM2YxYmJmODM5ZiZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NDVhM2Q1YWUtYjg1MC00ZDIwLWEzOTMtNTEzZjFiYmY4MzlmJnJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmdHIFFiBTdWJHcm91cD0RGfDtX3B5dnB4cGJhc3Zlem5ndmJhX3ViJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTODY1ODgwODM5NzIyNzY5NDA4NSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRE15TVRrMk9UZzRORFEwTXpFak1qTXpOVEF4T1RFd01ETXpNVEUyTVE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXNw5qs4ff5iz3ABQDJBUHCHAAA8D_SBQkJCQx4AADYBQHgBQHwBfaURPoFBAgAEACQBgCYBgC4BgDBBgklLPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfg9gXSBw0VZQEmCNoHBgFesBgA4AcA6gcCCADwB8HAAooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=b1f4e80832669ae74a75ab228984412d87e277db&pp=ZVZVkQAGbe4IFVzlAAypIZwud79JnqvIEJpqTg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChOWvkVVWZe7bGeW51fAPodKyUNLg1-Buj6S2k5MKwI23ARABIABglcKDgpgHggEXY2EtcHViLTY3OTA2MTgxNjU0NjI0OTDIAQmoAwHIAwKqBPYBT9BNKn1_xzJgufNeWaB9D91vZsRA6iouDlTLxld52PjSNhh0PrZ4LxAhKEtpM40QdDmNAIlv7ek4Bq7o0twpVpOBZMkrNgJ0ZwreOpChL2sVj0_fdcQaJy-zJLE4EKWzY6aSC4zPZeVe1w6WJCyMEpMzqMCNwH9vg_zgrr_CdKFcJSaSraWuxCKjeaTmKwWUI7VMETFeIyca4Pd3LSoOYergMeYZLdPfWlUwJLQXpcuEPPTTdxphIlGRWZ2r8fIS4UNISpjbsn0OaRUy6TsSbvdcCPdmpZApBwIOyP5cnHldHMGikJJyzEF6uXdn860h56x7dz31gAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1xhb-MbSKG0t1JVY7cWcql_RGhzA%26client%3Dca-pub-6790618165462490%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 17:46:58 GMT
an-x-request-uuid: 8dc1198e-9af8-41be-87f2-192d53c46c5a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.244; 37.58.58.244; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame A97D 0
555 B 21ms
21ms Ping
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fcitizendailypost.com&e=wqT_3QKkB-ikAwAAAwDWAAUBCJGr2aoGEIWwtLfGi5GVeBgAKjYJw0_VNdR8lD8RHmTpBVHxkz8ZAAAAAClc5z8hHg0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR44PYFgAEBigEDVVNEkgUG9GkBmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAhxodHRwczovL2NpdGl6ZW5kYWlseXBvc3QuY29tgAMAiAMBkAMAmAMJoAMBqgOwAwrGAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTQ1YTNkNWFlLWI4NTAtNGQyMC1hMzkzLTUxM2YxYmJmODM5ZiZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NDVhM2Q1YWUtYjg1MC00ZDIwLWEzOTMtNTEzZjFiYmY4MzlmJnJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmdHIFFiBTdWJHcm91cD0RGfDtX3B5dnB4cGJhc3Zlem5ndmJhX3ViJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTODY1ODgwODM5NzIyNzY5NDA4NSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRE15TVRrMk9UZzRORFEwTXpFak1qTXpOVEF4T1RFd01ETXpNVEUyTVE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXNw5qs4ff5iz3ABQDJBUHCHAAA8D_SBQkJCQx4AADYBQHgBQHwBfaURPoFBAgAEACQBgCYBgC4BgDBBgklLPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfg9gXSBw0VZQEmCNoHBgFesBgA4AcA6gcCCADwB8HAAooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=b1f4e80832669ae74a75ab228984412d87e277db&type=nv&nvt=5&jm=1003&px=45&py=0&bw=160&bh=160&sid=4895831731399902961&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=250&ph=600&ww=250&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 17:46:58 GMT
an-x-request-uuid: 6dc58473-19e2-4e85-950a-3078ac9951f8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.244; 37.58.58.244; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 128D 1 KB
757 B 42ms
42ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5101
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Fri, 17 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3CA9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 589ed4d4b1dc26d4db654adfbff099a2632347a7933938b19279496dd753618e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3CA9 0
57 B 87ms
86ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKL9JklVWZdWPBaTI1fAP2Pe6WNLg1-Buj6S2k5MKwI23ARABIABglcKDgpgHggEXY2EtcHViLTY3OTA2MTgxNjU0NjI0OTDIAQmoAwHIAwKqBPMBT9DU8KxDcUv5gzR0rSCQ9srFbfcU4YcTzNabg-Xe-F0Usm4HURKcAE9jHDvb3vVQ7Ru3R-7BBfuxE7LaqcyoMJ8Fx0vEfLGJRen9ZlldbgqPBoToja6RdiO-Oo9u_0IUmGu51f7gJCWy-K_7lqHzIt5yBDwPSlZVIAxtpDTgOefjc2Ov8sCLzCjatY6OXKwoT7rnqy40tGjB4dIVqPbziuVb-jRnrrjA6FCeFJIJIvoXUBj2VYFuXlgw9LzqpsxloX27Yp1Fg3cqvKc2nbykUKVxOmehM4F8xfUBwL1vWxTk42imo2vi80mY4Pe6CkhtP5n7gAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY3OTA2MTgxNjU0NjI0OTAYAA&sigh=QYFBaZDmCT0&uach_m=[UACH]&cid=CAQSPADICaaNKiEzbpFhSG2vkYDuDzjNcxtMtnDKZJwMeFYziDTZ8B4Cz4W8rU40iJ0zGyT0ekmz8dekjA9R6hgB&cbvp=2&vis=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=280&adk=3819879894&adf=3754241251&pi=t.aa~a.2007806693~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1700156818&rafmt=1&to=qs&pwprc=8545908949&format=450x280&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156818022&bpp=1&bdt=2301&idt=-M&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9829746cf0be07b%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_MYTr8cbsbh0gD9uv-QwkjEpQYTElw&gpic=UID%3D00000cdc1b62a66c%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_Mawy7cxMzSOA_KyxcxEAddPh6i2Zg&prev_fmts=0x0%2C190x600%2C250x600%2C250x860%2C730x280&nras=2&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Nov 2023 17:46:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 3CA9 0
532 B 36ms
35ms Image
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fcitizendailypost.com&e=wqT_3QKeB-ieAwAAAwDWAAUBCJKr2aoGEI3Zl_azyOKDeRgAKjYJzRrSgrJyoD8RaXC8WLECoD8ZAAAAAClc5z8haQ0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR44PQFgAEBigEDVVNEkgUG9GkBmAHQAqABmAKoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAhxodHRwczovL2NpdGl6ZW5kYWlseXBvc3QuY29tgAMAiAMBkAMAmAMJoAMBqgOqAwrAAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWM4MDY5YmJjLTU3NDItNGYyNi1hZGQwLTc5NWQzNjE0NmI2MSZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9YzgwNjliYmMtNTc0Mi00ZjI2LWFkZDAtNzk1ZDM2MTQ2YjYxJnJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmdHIFFjhTdWJHcm91cD16emYlM0ERH_QqAV92Y3FyaXZwciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzg3MjEwOTEyMjQ4NDY4NTUzMDkiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU1qUTBOall4TlRnMU16UWpNak15TkRBeU16azROREV3T1RVMk9BPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFiaKOg9y1iewLwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFzpsB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAET18AAAQABgA4AYB8gYCCACABwGIBwCgBwHIB-D0BdIHDQkRKAEmDNoHBggFCajgBwDqBwIIAPAHwcACiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=84dc28654513e0c0dca2c488a06132056285fe51&pp=ZVZVkgABR9UIFWQkAA672IVp74zytJgRP2cw3w&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg6lUklVWZdWPBaTI1fAP2Pe6WNLg1-Buj6S2k5MKwI23ARABIABglcKDgpgHggEXY2EtcHViLTY3OTA2MTgxNjU0NjI0OTDIAQmoAwHIAwKqBPYBT9DU8KxDcUv5gzR0rSCQ9srFbfcU4YcTzNabg-Xe-F0Usm4HURKcAE9jHDvb3vVQ7Ru3R-7BBfuxE7LaqcyoMJ8Fx0vEfLGJRen9ZlldbgqPBoToja6RdiO-Oo9u_0IUmGu51f7gJCWy-K_7lqHzIt5yBDwPSlZVIAxtpDTgOefjc2Ov8sCLzCjatY6OXKwoT7rnqy40tGjB4dIVqPbziuVb-jRnrrjA6FCeFJIJIvoXUBj2VYFuXlgw9LzqpsxloX27Yp1Fg3cqvKc2nf6mcTeznp3Mp3sIcGtYRAtreB5g6ka-eslkqs0kYN2WEojs3fRvz9ISgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_18mYni9jMny241DyR8WNeVimbrkg%26client%3Dca-pub-6790618165462490%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 17:46:58 GMT
an-x-request-uuid: 475099bc-033e-4f4f-b593-b5fbdecb83bd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.244; 37.58.58.244; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 3CA9 0
555 B 29ms
29ms Ping
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fcitizendailypost.com&e=wqT_3QKeB-ieAwAAAwDWAAUBCJKr2aoGEI3Zl_azyOKDeRgAKjYJzRrSgrJyoD8RaXC8WLECoD8ZAAAAAClc5z8haQ0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR44PQFgAEBigEDVVNEkgUG9GkBmAHQAqABmAKoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAhxodHRwczovL2NpdGl6ZW5kYWlseXBvc3QuY29tgAMAiAMBkAMAmAMJoAMBqgOqAwrAAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWM4MDY5YmJjLTU3NDItNGYyNi1hZGQwLTc5NWQzNjE0NmI2MSZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9YzgwNjliYmMtNTc0Mi00ZjI2LWFkZDAtNzk1ZDM2MTQ2YjYxJnJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmdHIFFjhTdWJHcm91cD16emYlM0ERH_QqAV92Y3FyaXZwciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzg3MjEwOTEyMjQ4NDY4NTUzMDkiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU1qUTBOall4TlRnMU16UWpNak15TkRBeU16azROREV3T1RVMk9BPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFiaKOg9y1iewLwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFzpsB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAET18AAAQABgA4AYB8gYCCACABwGIBwCgBwHIB-D0BdIHDQkRKAEmDNoHBggFCajgBwDqBwIIAPAHwcACiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=84dc28654513e0c0dca2c488a06132056285fe51&type=nv&nvt=5&jm=1003&px=57&py=0&bw=336&bh=176&sid=4895831731399902961&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=450&ph=280&ww=450&wh=280&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 17:46:58 GMT
an-x-request-uuid: 0743add3-962b-40b5-b3c2-757d9e785911
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.244; 37.58.58.244; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 128D 70 B
150 B 158ms
64ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDtmys6MmhxIWChXGvOad0Q&google_cver=1&google_push=AXcoOmSR3tExMJfpZGL5sz7anjUjaPO6kwuZkdPG2Zrpvh87JnIAGiHhMfYwp9FzWWvEBGv3BWJkEKu3hWRMoDrI8CU5kyAy827bzQY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=280&adk=3819879894&adf=3754241251&pi=t.aa~a.2007806693~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1700156818&rafmt=1&to=qs&pwprc=8545908949&format=450x280&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156818022&bpp=1&bdt=2301&idt=-M&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9829746cf0be07b%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_MYTr8cbsbh0gD9uv-QwkjEpQYTElw&gpic=UID%3D00000cdc1b62a66c%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_Mawy7cxMzSOA_KyxcxEAddPh6i2Zg&prev_fmts=0x0%2C190x600%2C250x600%2C250x860%2C730x280&nras=2&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:58 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 128D 0
174 B 179ms
61ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEI-5k6YBHsuV-sQCoL2kDwU&google_cver=1&google_push=AXcoOmRHn0z467IIclOPcyI9jOeOOXd7UlG8ZtmfC09LOhh6iaoxV4xEXeN-CrD9HpWWwucet51rrphPGfJPdqrG5zI4VER-sPUTmCY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=280&adk=3819879894&adf=3754241251&pi=t.aa~a.2007806693~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1700156818&rafmt=1&to=qs&pwprc=8545908949&format=450x280&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156818022&bpp=1&bdt=2301&idt=-M&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9829746cf0be07b%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_MYTr8cbsbh0gD9uv-QwkjEpQYTElw&gpic=UID%3D00000cdc1b62a66c%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_Mawy7cxMzSOA_KyxcxEAddPh6i2Zg&prev_fmts=0x0%2C190x600%2C250x600%2C250x860%2C730x280&nras=2&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sync
x.bidswitch.net/ Frame 128D 43 B
147 B 207ms
24ms Image
image/gif 18.197.187.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAKkbQ-ZIt1hmGyBSWL_6bg&google_cver=1&google_push=AXcoOmQ9Wg8efB-dPwATJNxFOTuF2bdnVKBa94qpOC96u9oEKq4jpJsI48cldoDJDGSldyjKaoGsKsnUEraYX9vumHikOOK8OilaRqQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6790618165462490&output=html&h=280&adk=3819879894&adf=3754241251&pi=t.aa~a.2007806693~rp.4&w=450&fwrn=4&fwrnh=100&lmt=1700156818&rafmt=1&to=qs&pwprc=8545908949&format=450x280&url=https%3A%2F%2Fcitizendailypost.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700156818022&bpp=1&bdt=2301&idt=-M&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9829746cf0be07b%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_MYTr8cbsbh0gD9uv-QwkjEpQYTElw&gpic=UID%3D00000cdc1b62a66c%3AT%3D1700156817%3ART%3D1700156817%3AS%3DALNI_Mawy7cxMzSOA_KyxcxEAddPh6i2Zg&prev_fmts=0x0%2C190x600%2C250x600%2C250x860%2C730x280&nras=2&correlator=5592825283792&frm=20&pv=1&ga_vid=1048506059.1700156817&ga_sid=1700156817&ga_hid=1122465091&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079491%2C31078301%2C31079756%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=747635491595571&tmod=1276933875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.187.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-187-29.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 128D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOK5-roDjJVQ65nY70szBrg&google_cver=1&google_push=AXcoOmQbNTrO9s0pdjVHUXc3maNupKQ2xhGeVUTsYpjOc53cg0Z-EnA0Z8-nZ20W2aEF9fN5kM-2quFXjxbdYO8EwUpfLa2...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQbNTrO9s0pdjVHUXc3maNupKQ2xhGeVUTsYpjOc53cg0Z-EnA0Z8-nZ20W2aEF9fN5kM-2quFXjxbdYO8EwUpfLa2_IR4jGdM&google_hm=eS0wMWNPdVZGRTJwR2R...

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQbNTrO9s0pdjVHUXc3maNupKQ2xhGeVUTsYpjOc53cg0Z-EnA0Z8-nZ20W2aEF9fN5kM-2quFXjxbdYO8EwUpfLa2_IR4jGdM&google_hm=eS0wMWNPdVZGRTJwR2RyNDlnLk9lRWNBc0tuZVNuQnFkLn5B

Requested by

Host: citizendailypost.com
URL: https://citizendailypost.com/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 17:46:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 16 Nov 2023 17:46:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQbNTrO9s0pdjVHUXc3maNupKQ2xhGeVUTsYpjOc53cg0Z-EnA0Z8-nZ20W2aEF9fN5kM-2quFXjxbdYO8EwUpfLa2_IR4jGdM&google_hm=eS0wMWNPdVZGRTJwR2RyNDlnLk9lRWNBc0tuZVNuQnFkLn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 128D
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFZ3A7EUvnThmHv4OYo_Y_s&google_cver=1&google_push=AXcoOmTRys20tf8E12SgNh7CQtSemdZ5SHF_C7Sq8XZp39oNQv7SV5aPUN-NPVUzZQrXGJWL3rUglqY-M5KeLFgTLK5SJym...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFZ3A7EUvnThmHv4OYo_Y_s&google_cver=1&google_push=AXcoOmTRys20tf8E12SgNh7CQtSemdZ5SHF_C7Sq8XZp39oNQv7SV5aPUN-NPVUzZQrXGJWL3rUglqY-M5KeLFgTLK5SJ...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTRys20tf8E12SgNh7CQtSemdZ5SHF_C7Sq8XZp39oNQv7SV5aPUN-NPVUzZQrXGJWL3rUglqY-M5KeLFgTLK5SJymCQ5Vpevs

170 B
188 B

39ms
38ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTRys20tf8E12SgNh7CQtSemdZ5SHF_C7Sq8XZp39oNQv7SV5aPUN-NPVUzZQrXGJWL3rUglqY-M5KeLFgTLK5SJymCQ5Vpevs

Requested by

Host: citizendailypost.com
URL: https://citizendailypost.com/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 17:46:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTRys20tf8E12SgNh7CQtSemdZ5SHF_C7Sq8XZp39oNQv7SV5aPUN-NPVUzZQrXGJWL3rUglqY-M5KeLFgTLK5SJymCQ5Vpevs
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 128D
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECSaBRAWwACrTEbXLzBsP3E&google_cver=1&google_push=AXcoOmTovMAzsCxAsSW--ZKJppnDpkoxObyWaUDJUGj_BEKaermi3E8rWugfACKcQLhIKKTvvDlOk1Z5...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECSaBRAWwACrTEbXLzBsP3E&google_cver=1&google_push=AXcoOmTovMAzsCxAsSW--ZKJppnDpkoxObyWaUDJUGj_BEKaermi3E8rWugfACKcQLhIKKTvvDl...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTMwNDUyNjYyMjU2NDY0Mjg1NQ&google_push=AXcoOmTovMAzsCxAsSW--ZKJppnDpkoxObyWaUDJUGj_BEKaermi3E8rWugfACKcQLhIKKTvvDlOk1...

170 B
188 B

30ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTMwNDUyNjYyMjU2NDY0Mjg1NQ&google_push=AXcoOmTovMAzsCxAsSW--ZKJppnDpkoxObyWaUDJUGj_BEKaermi3E8rWugfACKcQLhIKKTvvDlOk1Z5r5rLqSgm3Co_VqETsr7iKQ

Requested by

Host: citizendailypost.com
URL: https://citizendailypost.com/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 17:46:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 17:46:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTMwNDUyNjYyMjU2NDY0Mjg1NQ&google_push=AXcoOmTovMAzsCxAsSW--ZKJppnDpkoxObyWaUDJUGj_BEKaermi3E8rWugfACKcQLhIKKTvvDlOk1Z5r5rLqSgm3Co_VqETsr7iKQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 128D
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENqOPp0KduoIYBSdtknhFh8&google_cver=1&google_push=AXcoOmRLT_b2vbi1qC-Fw9GqI7E-CUsnAZ5Ky25nPllMv5dU8iFQfpFWNQmtXRRO1ESin8ThAg7IzyLl_81A...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRLT_b2vbi1qC-Fw9GqI7E-CUsnAZ5Ky25nPllMv5dU8iFQfpFWNQmtXRRO1ESin8ThAg7IzyLl_81Ag7paaWuhNDyE7nioxg

170 B
299 B

56ms
52ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRLT_b2vbi1qC-Fw9GqI7E-CUsnAZ5Ky25nPllMv5dU8iFQfpFWNQmtXRRO1ESin8ThAg7IzyLl_81Ag7paaWuhNDyE7nioxg

Requested by

Host: citizendailypost.com
URL: https://citizendailypost.com/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 17:46:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRLT_b2vbi1qC-Fw9GqI7E-CUsnAZ5Ky25nPllMv5dU8iFQfpFWNQmtXRRO1ESin8ThAg7IzyLl_81Ag7paaWuhNDyE7nioxg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 128D 0
77 B 39ms
24ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lnlck3gKh0RoRTnsoNBaWIvbHPTNtgr2NxzyOvgBvpteZkhPROruofoafUvXQo8BOcQ1D8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:46:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.pixabay.com
URL: https://cdn.pixabay.com/photo/2015/10/19/17/07/barn-996345_1280.jpg

Domain: cdn.pixabay.com
URL: https://cdn.pixabay.com/photo/2016/11/08/05/29/surgery-1807541_1280.jpg

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
citizendailypost.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: b2260e396f38f28ae0bf8d456312a78c
.pixabay.com/	1970-01-20 16:15:58	Name: __cf_bm Value: OtzxLEP6QLMk.wUboKNCgkJAtuIKRsKYVGNPefVWJM0-1700156816-0-ATVgLf0lYbdUgnZ9ZtTEKabQnT0/eCOxddxKTtVU3ARff3Z5mvKvBPPVb3kT7lZoh4KGwlCeH70RT+BQ6N2B1eU=
.medium.com/	1969-12-31 23:59:59	Name: __cfruid Value: bb4d96b6c7c30c51c0ead523db0eb9ad34fbf2f4-1700156816
.citizendailypost.com/	1970-01-21 01:37:32	Name: __gads Value: ID=b9829746cf0be07b:T=1700156817:RT=1700156817:S=ALNI_MYTr8cbsbh0gD9uv-QwkjEpQYTElw
.citizendailypost.com/	1970-01-21 01:37:32	Name: __gpi Value: UID=00000cdc1b62a66c:T=1700156817:RT=1700156817:S=ALNI_Mawy7cxMzSOA_KyxcxEAddPh6i2Zg
.bing.com/	1970-01-21 01:37:32	Name: MUID Value: 1F1D9E300D1262791E168DFB0C796322
.doubleclick.net/	1970-01-21 01:37:32	Name: IDE Value: AHWqTUnF5S_gLHwgbLdRG-0UAGGQQIE6zqMQZe0m0-BAQW6iQ6SOZLrPfiNrF5asVgw
.de17a.com/	1970-01-21 00:54:20	Name: guid Value: 1.1312863428414381214
.adform.net/	1970-01-20 16:59:08	Name: C Value: 1
.blismedia.com/	1970-01-21 01:01:36	Name: b Value: 65565592599847D37BF0DD9BBLIS
.adform.net/	1970-01-20 17:42:20	Name: uid Value: 5304526622564642855
.yahoo.com/	1970-01-21 01:01:54	Name: A3 Value: d=AQABBJNVVmUCEOz5EaBNhNcYpVWVZvs8yQEFEgEBAQGnV2VgZQAAAAAA_eMAAA&S=AQAAAnq28KVrwdo3CP1BVQhcgjU

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsdk.microsoft.com
ams3-ib.adnxs.com
archive.themedium.ca
c1.adform.net
cdn.adnxs.com
cdn.pixabay.com
cdn.vox-cdn.com
citizendailypost.com
cm.g.doubleclick.net
d3ezn0y6hdgq62.cloudfront.net
d5p.de17a.com
googleads.g.doubleclick.net
gray-wymt-prod.cdn.arcpublishing.com
i2-prod.bristolpost.co.uk
ichef.bbci.co.uk
lajolla.com
match.adsrvr.org
media.tegna-media.com
miro.medium.com
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
s.abcnews.com
staticg.sportskeeda.com
tpc.googlesyndication.com
tr.blismedia.com
upload.wikimedia.org
www.bing.com
www.digitaltrends.com
www.googletagservices.com
www.highonfilms.com
www.livemint.com
www.medicaldevice-network.com
www.paho.org
www.si.com
www.thebeachguide.co.uk
x.bidswitch.net
cdn.pixabay.com
104.21.81.215
108.156.39.13
109.228.36.162
13.107.213.60
142.250.185.194
142.250.186.161
142.250.186.98
151.101.1.108
151.101.2.98
162.159.153.4
18.197.187.29
18.239.102.66
18.239.18.36
18.66.112.90
185.15.59.240
185.89.210.20
192.0.66.16
199.232.196.124
2.19.226.49
213.155.156.166
216.58.212.130
23.185.0.1
23.185.0.4
23.36.163.228
23.38.98.17
23.73.140.140
2606:4700:4400::6812:2860
34.160.17.71
34.96.105.8
35.71.131.137
37.157.4.28
51.89.9.253
52.17.168.131
54.90.74.72
69.174.52.39
92.123.104.53
05ffd690ad946159b6c27f4095b8e79d9b5d6d2c77e4af19b0960dbda2a1079c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fcccb336807a05fc9850a939516b5c6319ef310f66028c5a24a8ea920e8127c
12abb33a21f4498ff7aaaefd4be6e4380f00b7ecdc1fe8ce5abbd0212e71a7a0
12d6793a79246368e1eb75580f35a62d27b4ab05729cc4294a4ebf36650ed99c
1ee3cdbbb9ad5b42e0d0a5b5e9b44d90a62efd3fb932a09c123033bd045a987d
20be544153c32cbe14e1016be61c8a191f50345a6cda2ecb83ee0cc86ccebe24
28eaee0fbd7399a3d609a7ec907457364adefdc6dac485d5f480b2e510300fbe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
327d16734eb48aed933c859b68b56234dbadc6035565cdf6d0c5a05d5d1ce1fd
39ea5f0871d0757566081a5f65c02a350da119708d27d6479df54ceda155489e
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
412ab944f3eadd2a32c5b5e9c87814d6a4e99e6e50a14ea70eb6b1066923f8ed
4e12aa9e81dc9c4bc03633c8404537c43f2e2fd22f20b104d8e7467b6f12c13a
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
5449456c5a8f87394fff35fde57e8c7a34d25cd8086ddeeefff8c940d2d97645
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7
55f99faf3ee030e44d5f688d5d96ab2cadaf606dae6241483402e7276e5f1b9f
572cba4eb6c727b433fbd506c88200f2eab5974ef06044dc4ff8ceb25e72bee0
589ed4d4b1dc26d4db654adfbff099a2632347a7933938b19279496dd753618e
59f61e568567e44b82afeb297b2b25e37234eb3688f688225e28cda8134705a0
5aff6435a542ad8afd3f959d426fcc010b211b954c25ff96ed9346147cc29fd4
5eb142aff283ef7ba6aab2e8a67e9cdcb1ae0578a8cd234a357b9be6b6341744
612875da5a70e44bca9545d58b9beacd16415ff883bfa95c6322ce2dc66d391a
613cf39b5684ef11f2c7dc10cded9d45cb905dd316198550b6c8f3eb5df9bc56
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6da5c183e1f7c70b6c8a8e044acca40afe6b5d5cfebc6f040811154ca6a94ea2
6df812d2e8bb09ca404090705ddcce1135eb01b15087173d9bd1e46b9f806cc7
6e71e1bcb25a09497b68c7765a7f76a40e1b3e713f5c6640df21591de72176dd
70f15988d9f6c31ada332a2213be7932b3964ae3c0660bc2521899ec530e4506
7a819723bc6e9a1f70b5d2277ca6520155623e3684d4cc3c2fb09de09b0dae34
8a121f46f72a30dd301cf7b457b2d97e29cdb175f7c85fb95d5fae96e6aea41e
8a899db6e2ec14efc965767ed639734db81ce68fb7b54a152bc0efe998ed33c3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b63760debad820db3fe797b22998d3238557e0505e40d98670b1e98ae0408e2
a02723a046f7aa67dc559e0f297110b3085cbcc550af724b49920387e9e1fc09
a411655cdcf0172cfa13e7ca5bc1daa12d267d44aeb353d48eaf4f31c042b979
a69013649f303155839b3e079af5c08aac27a5cf0b78933b3689e8a1d0f08195
b5c43253bf7af9eb763918d8a828a7adf0bab462abd5d925019859a142dbe1d1
b5f81a242db048a71aacf58bbd369bbf3e4c0e70c3469051ec04d437203bd35d
ba0623ee5a6b9ac08f7c830f930daf0b623f1496d3d6da38695a12f9608c367c
bb04158c866fdc034c335e330963c449ce5f8343b69dc6d5d2ee2b6b37e75049
bb42ce48558b19e316459205865779074d94ab84ffc81724dee572a70a289842
bbf4614978a71e37daa8165413f14e3a01f0fb735a4ef4384a5e3be88178062a
bc6ef3cf9d49cf5091a8466304c85e7aeee969ec53985acaa2038bf93c4f4e8d
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1
c3967e514a368272932b8b69b62ec63dd04a519427bb11d11b4d4230db7724de
c88508e00768812f51e004349364887351c0139b44b126479e06c08bcd5af4fc
c9c13ff37f66efa77142e65ce38ed338bd3a6911fe671a576226807a657995e8
d2ea0e28e3967009ff4760f5856d6bd4232752b1d6be3d2be96829466b2147f0
d5ac9e75b48a0625c33d1ba22d45f322505d12bc99cb9b81f830509936228d96
d64bfc3d3029576d1f027c830bb45a018d2492f3139e45eb7b6a4e0b5d21c74b
db74717c5763fa6adedfc37f045c9d79f74131300dae8ff7bf1146956c740445
dd7b8e685175e469859988bf142c269bb17404561b484fc3f26346020ab426d8
df56766bb77b14dec921578c7ff8ae5b070ba109071159968d0ea71b6efac6b8
e196a7afcddd4645b89dc82a414436d831e7766850f2b446df9e50a625f63a54
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e544fbba92b99ba55d370b4cd0e32d6330fa945a7e26ca880f43bc2c889a1dd1
e9c982e33325b737df9e01069f58775d9d827fabc6282d8a78902ff1e25b44af
ebc01295afe9e9063b3870c6a03a2cc0547db2eda5d1a1e3238dd1f1aeeabe5f
ed5141d34d36d866bc5ed639de85f06e78d156dc34b88d928efa379d289fcb08
ee6a56717d97b1b3d2c374d419c8d1e1c79f5c344d51e16502add50c8e26b1de
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f872d513a0ef369af808e359e304b568d37966ef0d32699e0c54f4ac2eb83eab
fac367ada1217c85134edb2d1406f3baafd425448c92b39e488d4df6c0d65848
fb264f26204859ff9c73e252465fc0649f2ea038070e31c90344e37863e07ae2
fdc7a87ff15909ab70f238b888213a6860a9a3008c34e63d3510b5d3a5c3e9c7

citizendailypost.com Open in urlscan Pro 104.21.81.215 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

89 Requests

91 %HTTPS

3 %IPv6

34 Domains

37 Subdomains

33 IPs

8 Countries

9837 kBTransfer

11293 kBSize

12 Cookies

5 Outgoing links

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

citizendailypost.com Open in urlscan Pro
104.21.81.215 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

91 %
HTTPS

3 %
IPv6

34
Domains

37
Subdomains

33
IPs

8
Countries

9837 kB
Transfer

11293 kB
Size

12
Cookies

89 HTTP transactions
2 data transactions