urlscan.io logo urlscan.io
SecurityTrails logo

equi5.subsidyaid.com Open in urlscan Pro
34.123.196.68  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ak.peethach.com/4/6634689/0.06998042741807953
Effective URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=789813...
Submission: On February 06 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 16 domains to perform 51 HTTP transactions. The main IP is 34.123.196.68, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is equi5.subsidyaid.com.
TLS certificate: Issued by R3 on January 27th 2024. Valid for: 3 months.
This is the only time equi5.subsidyaid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    23.44.201.166 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-201-166.deploy.static.akamaitechnologies.com
ak.peethach.com
17    172.64.204.9 (United States)

ASN13335 (CLOUDFLARENET, US)
totalnicenewz.com
4    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
datatechone.com
2    34.232.110.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-110-131.compute-1.amazonaws.com
track.additionalbenefits.org
track.subsidyaid.com
14    34.123.196.68 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.196.123.34.bc.googleusercontent.com
equi5.subsidyaid.com
1    142.251.40.106 (None, )

ASN- ()
fonts.googleapis.com
2    157.240.241.1 (None, )

ASN- ()
connect.facebook.net
1    142.251.40.168 (None, )

ASN- ()
www.googletagmanager.com
1    142.250.65.195 (None, )

ASN- ()
fonts.gstatic.com
1    108.139.47.112 (None, )

ASN- ()
js.callcdn.com
1    104.237.62.212 (None, )

ASN- ()
api.ipify.org
1    54.84.236.175 (None, )

ASN- ()
lander-main-microservice.netlify.app
1    104.154.135.87 (None, )

ASN- ()
funnel.improveourcredit.com
1    54.211.24.82 (None, )

ASN- ()
display.ringba.com
1    31.13.71.36 (None, )

ASN- ()
www.facebook.com
Domain Requested by
17 totalnicenewz.com 1 redirects ak.peethach.com
totalnicenewz.com
14 equi5.subsidyaid.com equi5.subsidyaid.com
4 my.rtmark.net ak.peethach.com
totalnicenewz.com
2 connect.facebook.net equi5.subsidyaid.com
connect.facebook.net
1 www.facebook.com equi5.subsidyaid.com
1 track.subsidyaid.com lander-main-microservice.netlify.app
1 display.ringba.com equi5.subsidyaid.com
1 funnel.improveourcredit.com equi5.subsidyaid.com
1 lander-main-microservice.netlify.app equi5.subsidyaid.com
1 api.ipify.org equi5.subsidyaid.com
1 js.callcdn.com equi5.subsidyaid.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com equi5.subsidyaid.com
1 fonts.googleapis.com equi5.subsidyaid.com
1 track.additionalbenefits.org 1 redirects
1 datatechone.com totalnicenewz.com
1 ak.peethach.com
51 17

This site contains no links.

Subject Issuer Validity Valid
totalnicenewz.com
GTS CA 1P5		 2024-01-19 -
2024-04-18		 3 months crt.sh
rtmark.net
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh
datatechone.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-10 -
2024-12-23		 a year crt.sh
equi5.subsidyaid.com
R3		 2024-01-27 -
2024-04-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-16 -
2024-02-14		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.callcdn.com
Amazon RSA 2048 M02		 2024-01-30 -
2025-02-26		 a year crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2023-02-07 -
2024-02-18		 a year crt.sh
*.netlify.app
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-15 -
2025-02-14		 a year crt.sh
funnel.improveourcredit.com
R3		 2024-01-11 -
2024-04-10		 3 months crt.sh
*.ringba.com
Amazon RSA 2048 M03		 2023-11-27 -
2024-12-23		 a year crt.sh
track.subsidyaid.com
R3		 2024-01-16 -
2024-04-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
Frame ID: 37D0DB63E4F7272F91FDE16F4F7BAFCA
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ak.peethach.com/4/6634689/0.06998042741807953 Page URL
  2. https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z... Page URL
  3. https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z... Page URL
  4. https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6634689&var3=778843158900646084&oaid=2f2b170a62d9... Page URL
  5. https://totalnicenewz.com/rhd?z=4662728&syncedCookie=false&rhd=true HTTP 302
    https://track.additionalbenefits.org/742ca7d8-c5c4-499a-a412-67ea49912e87?zoneid=4662728&bannerid=20248186&zonety... HTTP 302
    https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

51
Requests

92 %
HTTPS

0 %
IPv6

16
Domains

17
Subdomains

17
IPs

3
Countries

1324 kB
Transfer

1746 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ak.peethach.com/4/6634689/0.06998042741807953 Page URL
  2. https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Page URL
  3. https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2 Page URL
  4. https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6634689&var3=778843158900646084&oaid=2f2b170a62d9addafaa09771366c23ec Page URL
  5. https://totalnicenewz.com/rhd?z=4662728&syncedCookie=false&rhd=true HTTP 302
    https://track.additionalbenefits.org/742ca7d8-c5c4-499a-a412-67ea49912e87?zoneid=4662728&bannerid=20248186&zonetype={zone_type}&campaignid=7898133&device=desktop&region=tx&isp=781237823&source=PR2&medium=push&cost=0.009075&visitor_id=778843165594755751 HTTP 302
    https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
0.06998042741807953
ak.peethach.com/4/6634689/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ak.peethach.com/4/6634689/0.06998042741807953
Protocol
HTTP/1.1
Server
23.44.201.166 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-201-166.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
Access-Control-Allow-Methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
* *
Access-Control-Max-Age
86400
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Length
725
Content-Type
text/html; charset=utf8
Date
Tue, 06 Feb 2024 21:16:37 GMT
Expires
Tue, 06 Feb 2024 21:16:37 GMT
Link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://totalnicenewz.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
Pragma
no-cache
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Trace-Id
138e4cd8387c812006564e7024bd8a03
img.gif
my.rtmark.net/ 		0
0
/
totalnicenewz.com/ 		40 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Requested by
Host: ak.peethach.com
URL: http://ak.peethach.com/4/6634689/0.06998042741807953
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
d98e363001bf12c1cd35434282827fa2ea9ec28272eabc51988e8feee441bb05

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85166a518c738c9c-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 06 Feb 2024 21:16:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiUgKh6v0PqTBdeGhCgVPjD5eZrb1CsRHTazUGi%2BXPxY9GCw5uwJkp6G5BMgWNPssW2YRSZsyFJBc0ajgsOKwTuhQbbPY39BuheoK9TXqmtSQGkoNoFugAFTt0a%2BHBWsp412TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
gid.js
my.rtmark.net/ 		65 B
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=2f2b170a62d9addafaa09771366c23ec
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a77b9b9275e26bb98b837a4e36db0a1645148132791c28c5b0ecd8ef645e56ec
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:38 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://totalnicenewz.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
totalnicenewz.com/pfe/current/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778843158900646084&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc5f2967a33d6cd3df5091e31bd1fecb3d19094ba3f563fe26287a8ce7117b7f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 21:16:38 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Jan 2024 09:37:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b22bc5-704a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMohEcvxcv4rU6BvQi3jD%2FRbOKJFkaUl7aiCJHXOYekMNk6yp%2B0oErPOQfEaDtskNyCim5HujK1%2BBPa%2FQ%2FR3piVGz0PFHoaH2F9CPHg1SrWAMW5TpiGDSzaoq39l%2FDKakFoelQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
85166a527d4a8c9c-EWR
alt-svc
h3=":443"; ma=86400
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
totalnicenewz.com/19/4662728/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/19/4662728/?abt_opts=1&var=6634689&var3=778843158900646084&ymid=&rhd=1
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:38 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
c159364a8a5896b04c8adaf7f02a4706
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ce2EgxAFmEbu0WiMlUeq3aHqT4vyvKqOgThWpdWXy6RCdm83QEcwIE5dyiwVPjNNdraCy3TRhUyN3dPO9ylkE78KroUKIRiAMpwt1f5G2hOCtHzm5mRJnD90juMJWGLpxFofAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85166a529e8ac359-EWR
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
totalnicenewz.com/ 		2 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&mprtr=1
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GGyQWprqMIr4tY7385ZdzKT0PRo8rNosBv48JxONQ89U56dUbWnv0ZY4uowHKTg%2FcTfY0biGv0mDCtZ1ZbUrSS1YBY8jHDXnIkvKn2tRAUREkKR3hfhiMDw%2FBELAT2lIIbBvw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
85166a529e8dc359-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
4662709
totalnicenewz.com/sw-check-permissions/ 		0
958 B 		Other
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/sw-check-permissions/4662709?var=6634689&ymid=778843158900646084&uhd=1&zoneId=4662709
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778843158900646084&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tbzz4RFCbBXYn8iBN21k0nU4dP6d2%2FW7%2FXcYmPhIz7M%2FhAEW1hSXPtAbfU%2Fso6IP%2BonU9ykiFLU2ewlwUTuMmVbE9wFEkGEAmUH4S7pzrvwVzyPtkixEOde27x27B3RZfzX33Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
85166a532f0bc359-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
totalnicenewz.com/ 		0
495 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totalnicenewz.com&var=6634689&ymid=778843158900646084&var_3=&var_4=&dsig=&tg=1&sw=3.1.477&trace_id=a8b223ad-f58f-460f-bf6b-b955ac00afc1&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778843158900646084&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-trace-id
8bea9e72caf241e159c38fc1997b1c86
date
Tue, 06 Feb 2024 21:16:38 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEUeQtLq3vF56ixBvuxpVDyR0zS0lKFs6E9XTS7RQ0Kni4qlRUk%2BoywDbDOnXd9Xk3jbrgzlT%2B3WbLwQ4bTsGu6gzT%2FpKm2Kl2tPYS3nfkeG2RRZJT30ykOlxXGmPfFXQDZ5lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://totalnicenewz.com
access-control-allow-credentials
true
cf-ray
85166a532f15c359-EWR
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/ 		65 B
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=778843158900646084&var=6634689
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778843158900646084&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:38 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://totalnicenewz.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
totalnicenewz.com/ 		796 B
982 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totalnicenewz.com&var=6634689&ymid=778843158900646084&var_3=&var_4=&dsig=&tg=1&sw=3.1.477&trace_id=a8b223ad-f58f-460f-bf6b-b955ac00afc1&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778843158900646084&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:38 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
66671cf69ba0247822c2f4b9e28c38eb
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiJAtydzEWVgQkJG10Jn6AsUhmDB2lVfYH%2BBYk7wBzp3%2FDGw905mqRK98y7Ksc5VXUl3ZsFGaGPmnq9FeHtWSeAAvKuz766OUH2mILBpvSnDTawllfBHID110g8XUc1mBAZDmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
85166a537f58c359-EWR
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
rhd
totalnicenewz.com/ 		0
0
/
totalnicenewz.com/ 		40 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
b6d27052fc50beb3dac4d6cbcfc5fbf9ffbe2819db244c65207c163e16149705

Request headers

Referer
https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85166a53cf9cc359-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 06 Feb 2024 21:16:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cvuLGvA6VmVnZFoJeyieHsTWuCgk8Hk5u1N2ecmsv%2FXXQN8%2FmcobPh2WGE6hUjpQW4lClbhnQaVQw3%2F5EpcW%2BcQExrAOFYNFZZ43hlsKxGSXsO8OXzI2biqa4u0o06%2BqM2o%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
micro.tag.min.js
totalnicenewz.com/pfe/current/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778843158900646084&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc5f2967a33d6cd3df5091e31bd1fecb3d19094ba3f563fe26287a8ce7117b7f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 21:16:38 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Jan 2024 09:37:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b22bc5-704a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHlS6UHYi%2BEv8PH5OPlZdscBonCZmJawZD6VRpy68jIRk01fZp9jZBIYvJDVGupLcgw6R7acic2KYSlEUdwf2rlGY%2FtdAGabBnnGhJFV%2F7AqnlozhC9rWmMvxREdACbaKH%2FagQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
85166a54d863c359-EWR
alt-svc
h3=":443"; ma=86400
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
totalnicenewz.com/19/4662728/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/19/4662728/?abt_opts=1&var=6634689&var3=778843158900646084&ymid=&rhd=1
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e79a2094a4f2d171501ebe181e488959ea72c6cb8042fa73e5d4b95e2d22a9ab
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:38 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
eed327cf12877a818090bbb0dd295ea8
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mtTpK2Eli0botEMp5u0TIvrsQmzubQbQvbtwUtZ7XfUqlZPE7PVdiZK3jMklEi6ubvumWRL46asA2lnPBNcXd4Zz7EfqOsrkMdTQ5g7%2FxlUw11OHFXq3glnkToMLEOQq8rtntQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85166a54d868c359-EWR
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
totalnicenewz.com/ 		2 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2&mprtr=1
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.27
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.27
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZmYLWGBYnjBhhqCCAKnBpaL15lihpRweZbNF8z7ni1dvop3Whhkkj%2FYBOSG3gGJIFa%2Fp5B6h6huYu1ZxI7d1Hw221lWR8zIhlqxJbK3sJQDrRAHIbRHQU1B%2Bwii13Q6yqYolA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
85166a54d86bc359-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
4662709
totalnicenewz.com/sw-check-permissions/ 		0
957 B 		Other
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/sw-check-permissions/4662709?var=6634689&ymid=778843158900646084&uhd=1&zoneId=4662709
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778843158900646084&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTfAa8YkIquivsSdR1WsdddzdyqT1JA%2B8Rw9%2Bg4Dy8uU9vsGHY%2BMsqVPOIcVG2LAZsntzZJiv3c5Gsh7qXmz%2B3d%2FHVPwRaXKeNgzxjBi3q5r6x3oWYnbMRslNWMsBb0GSdK6Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
85166a55a906c359-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
totalnicenewz.com/ 		0
488 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totalnicenewz.com&var=6634689&ymid=778843158900646084&var_3=&var_4=&dsig=&tg=1&sw=3.1.477&trace_id=c944f30c-4b98-42cd-8ed2-88c80f3b9a5e&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778843158900646084&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-trace-id
b06ac500c00628b99b8f5b318e82b6de
date
Tue, 06 Feb 2024 21:16:38 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6HTcB8LlCE59I4Ec1ne7A4u7c0ZO1nJnCja9WKhrE7KR170IhZXy%2BpHlRUgil3dClkmKHaj4gHanBdyD80t1E0JtYsXrIgvtN3B2TE9Wcxa8K5wBxVV5ziLMwhCvdkm227R8A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://totalnicenewz.com
access-control-allow-credentials
true
cf-ray
85166a55a907c359-EWR
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/ 		65 B
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=778843158900646084&var=6634689
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778843158900646084&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
596d8c7c979374e6245ec71afc0ec62a0551263d0674bd611fea60d654ee9030
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:38 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://totalnicenewz.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
totalnicenewz.com/ 		796 B
984 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totalnicenewz.com&var=6634689&ymid=778843158900646084&var_3=&var_4=&dsig=&tg=1&sw=3.1.477&trace_id=c944f30c-4b98-42cd-8ed2-88c80f3b9a5e&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=778843158900646084&var=6634689&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51b937d7ee0a602eda05f4bbc157b6dd8c7dbf0d3eba148d82157d28f63b8d47
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:38 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
e58a38df367b191c63b0ba10d4b13f99
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STva9Ie3R%2F9moBxv1da2wVrF3btwXPPiwt6Ffi%2Fw5PI%2FAU5ulVGK4r1tsiL%2F1iGce8GFKGmPCFNCXeLvkRKowb9F9%2BcK20fP7a25Q4iT1qDd0mrYXPrCR7p4ikz1iYDYrFJF0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
85166a55c91cc359-EWR
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
/
totalnicenewz.com/submenu/4662728/ 		33 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6634689&var3=778843158900646084&oaid=2f2b170a62d9addafaa09771366c23ec
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
85166a598d13c359-EWR
content-encoding
gzip
content-type
text/html; charset=utf8
date
Tue, 06 Feb 2024 21:16:39 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Beu41mZB0iyQPUfshClJNUpSOmTr9ZSsjXJKqftxd1Q4t4Yo8cQno6VBOGM0rhjPLPBlGWy%2FkOkxGqhEH%2FzxgSTPOvSueETcqane6GSHoz6rLAb%2FAPUt1TbWRw144OerOpEFvg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-trace-id
6f093d5f3a3354af63f7d85c54c165b4
sftouch
totalnicenewz.com/ 		2 B
775 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://totalnicenewz.com/sftouch?userId=2f2b170a62d9addafaa09771366c23ec&z=4662728&p_rid=81808da7-051e-4e4d-acc6-3033095338fa&p_src=sf&branchId=0&rb=GLThxrII7ry6TFrmkoMOyLLilis7zgOm33lIQSh3kpK8ZIZSaos1IUAsI79CQZLa2K6cFuuF2Kj-NHea3UUnZxSlATdVlNQ7aux43Jj1EtY29_2r6Poq_gbUjazrE4B6Alu6cZ0Sp1ey6NxcK9I-hKbCdFoVrmMZ0BVdKAgOyhyOqGuvKzhTXH_z9P936r4YKmowKRNm4tW1KLBQ0hy95JWaBCKaIb0idrLcmKTL7G6qViCGQ32ffHgdpB8n0Vp1z0CLfK24f-UaNthf4TyfAr15oUAYqGEe5dUwdzQ8RXttmVb7qwjtDJhaHVy1FebtK4dsL_o6MuM=
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6634689&var3=778843158900646084&oaid=2f2b170a62d9addafaa09771366c23ec
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.204.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6634689&var3=778843158900646084&oaid=2f2b170a62d9addafaa09771366c23ec
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:39 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2
x-trace-id
50dbe349735d7f7ce2a44389dc1eb638
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://totalnicenewz.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAn1Nt0VP9V4vaCbhYwMZl8o%2B5n3gdEZd4V%2BAaO5wL9wI6lrLrvF6nK6DL%2FBsdqeeTMq%2FY3UDlIva6d%2FwI%2F1ONaBeWf9frt0rIKHd0JoPvIOOOy%2B%2FHMvyiHx0wJOko1bU2Ns2g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85166a5a6de6c359-EWR
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/ 		43 B
508 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=2f2b170a62d9addafaa09771366c23ec&z=4662728&p_rid=81808da7-051e-4e4d-acc6-3033095338fa&p_src=sf
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6634689&var3=778843158900646084&oaid=2f2b170a62d9addafaa09771366c23ec
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://totalnicenewz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:39 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://totalnicenewz.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
datatechone.com/log/ 		2 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=6de67130-f20e-475d-b9e3-ee0cd9ef6e5e
Requested by
Host: totalnicenewz.com
URL: https://totalnicenewz.com/submenu/4662728/?rhd=1&var=6634689&var3=778843158900646084&oaid=2f2b170a62d9addafaa09771366c23ec
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://totalnicenewz.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 06 Feb 2024 21:16:39 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://totalnicenewz.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
Primary Request lander-1
equi5.subsidyaid.com/
Redirect Chain
  • https://totalnicenewz.com/rhd?z=4662728&syncedCookie=false&rhd=true
  • https://track.additionalbenefits.org/742ca7d8-c5c4-499a-a412-67ea49912e87?zoneid=4662728&bannerid=20248186&zonetype={zone_type}&campaignid=7898133&device=desktop&region=tx&isp=781237823&source=PR2&...
  • https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=...
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
d3856b4d11d76e6f4fa87973b4ec83dd6ef0e9cb6eeda65b884727f33512fc4b

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://totalnicenewz.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-length
1336
content-type
text/html
date
Tue, 06 Feb 2024 21:16:40 GMT
etag
"65c173d3-538"
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Tue, 06 Feb 2024 21:16:40 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
pragma
no-cache
server
nginx
css2
fonts.googleapis.com/ 		3 KB
847 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=DM+Sans:opsz,wght@9..40,300;9..40,400;9..40,500;9..40,600&display=swap
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.106 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
83b78ab2ca543f34ac77a105efaff8fd77bbdba44939b8be442a1bcc85f14cb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Feb 2024 21:16:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 20:46:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Feb 2024 21:16:43 GMT
scripts.js
equi5.subsidyaid.com/scripts/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://equi5.subsidyaid.com/scripts/scripts.js
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
b416c2ebf4b4d4e71bd515a35a15f45da09c708728cfedb05dc3ed2902fc68dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:40 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-2e69"
content-length
11881
content-type
application/javascript
main.8472d217.js
equi5.subsidyaid.com/static/js/ 		776 KB
777 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://equi5.subsidyaid.com/static/js/main.8472d217.js
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
176f2cb0f7d0d607cf3903b22162cec1387e1cfbf363d76b29a2870ee1146128

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:40 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-c1ea1"
content-length
794273
content-type
application/javascript
main.6df79cac.css
equi5.subsidyaid.com/static/css/ 		17 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://equi5.subsidyaid.com/static/css/main.6df79cac.css
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
7ee7f061f864c34e21a8a9c0a753ec7e61415a7032fc0b04cc784c0134956db0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:40 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-43ca"
content-length
17354
content-type
text/css
fbevents.js
connect.facebook.net/en_US/ 		214 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.241.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Feb 2024 21:16:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
mZy5QY9PLKX62SrQYDpZhUalJ4eTkUdzKASUSrlABhew3lUKf/zi/v4w2rpgc7ZXK9Kp9pHQ/ZunNth76IAGYw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W8XQHMBR
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.168 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f44e010ea27f863358b836c627321554516c1e1cb1e7df3c73d9b2a03a96a9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45205
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Feb 2024 21:16:43 GMT
banner_shape_3.6cde1a3669b1a621d6e6.webp
equi5.subsidyaid.com/static/media/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/banner_shape_3.6cde1a3669b1a621d6e6.webp
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/css/main.6df79cac.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
fbefb53e718f4e5f3c2d02656af3678f10b9388a82511855617830f58cd98f61

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/static/css/main.6df79cac.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:43 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-e908"
content-length
59656
content-type
image/webp
rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v14/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v14/rP2Hp2ywxg089UriCZOIHQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:opsz,wght@9..40,300;9..40,400;9..40,500;9..40,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.195 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
ef3e7e94fc36d961b807c8fa6c2bbbd5cf60a746a95c0d01f331d847156b198c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://equi5.subsidyaid.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:20:59 GMT
x-content-type-options
nosniff
age
474944
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62704
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 22:05:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Jan 2025 09:20:59 GMT
logo.46a0b122f586f8f63c5a.png
equi5.subsidyaid.com/static/media/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/logo.46a0b122f586f8f63c5a.png
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
ef6ebebb5f3b1f249439235c20ce8b7b4da09b4865c7e02cc508b70bfaf54cf9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:43 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-97df"
content-length
38879
content-type
image/png
subsidycard.b137d19491cceaeca436.webp
equi5.subsidyaid.com/static/media/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/subsidycard.b137d19491cceaeca436.webp
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
1121f900845e1e1d10a24d0ebeca2cba7980de8b55118546879a2e1a54b638d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:43 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-6ffc"
content-length
28668
content-type
image/webp
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a65df679865cbe83d89e0edcd0f684ea66169fedee5b420cf1b6544e9fa13845

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
news-logo02.ec6acd0201605b43bc54.png
equi5.subsidyaid.com/static/media/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/news-logo02.ec6acd0201605b43bc54.png
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
0e4b455181a5b285f26758971d8f0b47ee821307adfbf91b6c75602f50c94a0d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:43 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-5c8e"
content-length
23694
content-type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74e959bdf6b08b492e3b51a00f380ec6dc909967a3e3bdc62f90f9921c77d251

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa9bb74cb885084014960f08e9bcd5fff5eaff8575dc00dd3e70d0a21a426a4a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7ac9ad730d43956d46938079899f41f83714aa8e8affc90186373773c528706

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
news-logo06.0fc68c2f7481ac435f98.png
equi5.subsidyaid.com/static/media/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/news-logo06.0fc68c2f7481ac435f98.png
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
dbc384bd02b57754a0bfab2891767aa3fa65100af6f9e7947c09eef292606d0f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:43 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-5909"
content-length
22793
content-type
image/png
002-basket.8e956a38db2baa6a51c4.webp
equi5.subsidyaid.com/static/media/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/002-basket.8e956a38db2baa6a51c4.webp
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
5b8e5d2f27e9fb10aae3edb56fc9134aed9ab59317b7a1fbc7f19bdaca05ffbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:43 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-1914"
content-length
6420
content-type
image/webp
003-rent.90b97597dfbe45996927.webp
equi5.subsidyaid.com/static/media/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/003-rent.90b97597dfbe45996927.webp
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
41c5942b665b0d689809e54ad42a829ad7d05b465da0ef6a6834a73f3b40e6b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:43 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-a12"
content-length
2578
content-type
image/webp
001-gas-pump.da372692325fa1463351.webp
equi5.subsidyaid.com/static/media/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/001-gas-pump.da372692325fa1463351.webp
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
07edc267cf6450c21b85b43d498632665b785593860e4ea9911219d890179863

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:43 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-d8a"
content-length
3466
content-type
image/webp
004-online-shopping.014c367a742b5cbdcff8.webp
equi5.subsidyaid.com/static/media/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/004-online-shopping.014c367a742b5cbdcff8.webp
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
ddb682b2e3d2ac7f1e637ed27a3b98f4b88145dd09742da03c35ee597b1df525

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:43 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-b72"
content-length
2930
content-type
image/webp
trustpilot-logo.228391ce98bdfb1e17b4.png
equi5.subsidyaid.com/static/media/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/trustpilot-logo.228391ce98bdfb1e17b4.png
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
ddf815a7a7b5ad1e87132638f5d141599075d6f61a5700e21dfd5e44209253ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:43 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-10dd6"
content-length
69078
content-type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e53d918f1e31a51d64f9780fa1c4d91fcac71db9c13fcb9194d633213158bc7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		813 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee82b191319cab951f67e31261e7c36a53bc0b49fe818f7523614140385b4c2e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02643c4790593efc994305a03557d68b339e66b3e1dbd390ff10726430dea506

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3b59ed497b64917f794e3ee961cbf9dfc4ff6ca5033f9b28d8e76b0c0a2623d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/jpeg
a158a3b0-2c00-4141-b3d7-7cbfce0146f8
https://equi5.subsidyaid.com/ 		10 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://equi5.subsidyaid.com/a158a3b0-2c00-4141-b3d7-7cbfce0146f8
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ca3d44191e822500b330ae74a7b981fddc94188da2e683a1e1508fd188d2b1b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
10285
Content-Type
ringba.com.js
js.callcdn.com/js_v3/min/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.callcdn.com/js_v3/min/ringba.com.js
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/js/main.8472d217.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.112 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:10:58 GMT
content-encoding
gzip
via
1.1 db615220fdf1b471c82cd306c2f4717a.cloudfront.net (CloudFront)
last-modified
Wed, 10 Jan 2024 15:58:04 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
JFK50-P1
age
32757
x-powered-by
ASP.NET
etag
W/"0ce63cbdd43da1:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Q5HutZmn1WCOnsKrz-R2rj0KKfgRKGVjEs5aGrw4o3vL-m01_kj6Ew==
/
api.ipify.org/ 		22 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/js/main.8472d217.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.237.62.212 -, , ASN (),
Reverse DNS
Software
nginx/1.25.2 /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://equi5.subsidyaid.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Feb 2024 21:16:43 GMT
Server
nginx/1.25.2
Connection
keep-alive
Content-Length
22
Vary
Origin
Content-Type
application/json
volumOfferScript.js
lander-main-microservice.netlify.app/ 		2 KB
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lander-main-microservice.netlify.app/volumOfferScript.js
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/js/main.8472d217.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.84.236.175 -, , ASN (),
Reverse DNS
Software
Netlify /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id
01HP04FHASYQRN8WNVTS53740N
date
Tue, 06 Feb 2024 21:16:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
59282
cache-status
"Netlify Edge"; hit
etag
"93347be9e14a8b56ff0067ca578bcc32-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
722
ip
funnel.improveourcredit.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://funnel.improveourcredit.com/ip?key=askdjaslkdjaskjdsla
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/js/main.8472d217.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.154.135.87 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://equi5.subsidyaid.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 21:16:43 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"6b1-dNoJPhy1JWMr/ay5X2tmA7Xy0zM"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
1713
1279112236350881
connect.facebook.net/signals/config/ 		53 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1279112236350881?v=2.9.145&r=stable&domain=equi5.subsidyaid.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.241.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Feb 2024 21:16:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11162
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
b5HZhj4/dG7/5gvJYqBec5RZNuwaPElNeGgtFrIqJVMgbYQQDaCM6pO7+SCpUME0g918/4nqcpHQvdiClvAVdQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bf2f92c0732dc6b5addcbc92ef06037a013deea689814159b87b0bdf2c63e57

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
gnbulk
display.ringba.com/v2/nis/ 		396 B
787 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.ringba.com/v2/nis/gnbulk
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/js/main.8472d217.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.24.82 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://equi5.subsidyaid.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Feb 2024 21:16:43 GMT
X-Runtime
0.0010
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Max-Age
300
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://equi5.subsidyaid.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
396
Expires
-1
.js
track.subsidyaid.com/d/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.subsidyaid.com/d/.js?oref=&ourl=https%3A%2F%2Fequi5.subsidyaid.com%2Flander-1%3Fvl_click_id%3Dwotfrn6khvm5id0v2jcnft0o%26utm_source%3DPR2%26utm_medium%3Dpush%26utm_campaign%3D7898133%26utm_adset%3D781237823%26utm_ad%3D20248186%26site_id%3D%257Bzone_type%257D%26placement%3D4662728%26externalclickid%3D778843165594755751&opt=subsidyaid.com&vtm=1707254203784
Requested by
Host: lander-main-microservice.netlify.app
URL: https://lander-main-microservice.netlify.app/volumOfferScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.232.110.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-110-131.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 21:16:43 GMT
server
nginx
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
1150
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1279112236350881&ev=PageView&dl=https%3A%2F%2Fequi5.subsidyaid.com%2Flander-1%3Fvl_click_id%3Dwotfrn6khvm5id0v2jcnft0o%26utm_source%3DPR2%26utm_medium%3Dpush%26utm_campaign%3D7898133%26utm_adset%3D781237823%26utm_ad%3D20248186%26site_id%3D%257Bzone_type%257D%26placement%3D_removed_%26externalclickid%3D778843165594755751%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522restrictedParams%2522%253A%255B%25221480fb125459cbca6cff13fbac5d846220d91cf906e466eb2842ef350878138b%2522%255D%257D&rl=&if=false&ts=1707254203799&cd[eventID]=EVENT_ID1282823C-715F-4CD9-96E3-3D4A1D2E842A.B2EC162B-5B4D-4A32-938E-C8C9F11EE6CA&sw=1600&sh=1200&v=2.9.145&r=stable&ec=0&o=4126&fbp=fb.1.1707254203793.830688958&ler=empty&cdl=API_unavailable&it=1707254203603&coo=false&up_url=&rp_url=1480fb125459cbca6cff13fbac5d846220d91cf906e466eb2842ef350878138b&exp=e1&rqm=GET
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wotfrn6khvm5id0v2jcnft0o&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=4662728&externalclickid=778843165594755751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 06 Feb 2024 21:16:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
my.rtmark.net
URL
https://my.rtmark.net/img.gif?f=merge&userId=d8c1439f58fe494786f3675753cb7542
Domain
totalnicenewz.com
URL
https://totalnicenewz.com/rhd?rb=ZujXXtwpsVXXxAPrMY-BDkHedoh7e1wpdlQKuk_XbxoTvbS_nJE8vIMjjoLDnQx5Sw9OBUUN2aLE-VYQNdg_kvOJLc6yDkGtnwKGzVFF54_8UFOACLnvD6XyQYL5WbpsZe0wVlWOk7Bsl2p-9uHPrbEf2q198i2JGipaqYfqdCT7iVB7XlF0vyhZWe2ypvlnGq8qt1zim74anbcBxCOaqcsAj5xSnQydfRF53aR3sypzFuBHdZq8Of5ssbuf0gPk8QDUXE5MNhlzyNqQpaBKVxYH_k2uWzpAs4ndO5vExMTnAGgTD7IBqfVFSD7A4afxM-uLHMZPSyAIkgCVG_SSulY8i1ponngs3LAz_dKKsZ077vJSqCse0WqwhRJQElAdfmw48VBvn88JxVppGF6OH5fboy-FjOm0A1R-O-zT7PcpyA4pUTxHUdydnsOloRzc0HHFMrC0JqbR44FFPdKyBs-c3nmgaMxpwpytpK8JeP98KBC02kUg74bFlkXUxVXchAdDMEoBtP__WDvtRrEgUsZdeRsEXUm7&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Ftotalnicenewz.com%2F%3Fs%3D778843158900646084%26ssk%3D49c01cccbcfa01102eaf88b0c26559ad%26svar%3D1707254197%26z%3D6634689%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6634689&var3=778843158900646084&ymid=&rhd=1&m=link

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Domain/Path Name / Value
ak.peethach.com/ Name: OAID
Value: d8c1439f58fe494786f3675753cb7542
ak.peethach.com/ Name: oaidts
Value: 1707254197
my.rtmark.net/ Name: ID
Value: d8c1439f58fe494786f3675753cb7542
totalnicenewz.com/ Name: syncedCookie
Value: true
totalnicenewz.com/ Name: prefetchAd_4662728
Value: true
totalnicenewz.com/ Name: reverse
Value: 8p6a6Q7NtugXsa6CchmY7IY5q-uy4tOzjW9BjTTsrDA
totalnicenewz.com/ Name: oaidts
Value: 1707254199
totalnicenewz.com/ Name: OAID
Value: d8c1439f58fe494786f3675753cb7542
.track.additionalbenefits.org/ Name: 742ca7d8-c5c4-499a-a412-67ea49912e87-v4
Value: jsrwVdOJ7tNxrVZUDZmKpbi-5QJkCdWNBjt3oVWwXQ0
.track.additionalbenefits.org/ Name: cc-v4
Value: %2BRW8p3rLdKyd%2F2Wd4ZMn2TxpQxc8PhHVRg%2BM7fiJ6ayIC5B3CmvOlY1rUM7Hpz5j0urDpP4ZoM3KpYrGwDhqECIB8uKRVVZPKaLljcVPEMCl7RlIqYtHhDTTFgilWNRgl79xI8dCfOzt9%2Fck4cUBsw%3D%3D

9 Console Messages

Source Level URL
Text
other warning URL: https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/?s=778843158900646084&ssk=49c01cccbcfa01102eaf88b0c26559ad&svar=1707254197&z=6634689&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/afu.php?zoneid=4662728&var=4662728&rid=01rRcJlUYhuPvc1Bl3BO0Q%3D%3D&rhd=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://totalnicenewz.com/afu.php?zoneid=4662728&var=4662728&rid=01rRcJlUYhuPvc1Bl3BO0Q%3D%3D&rhd=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1279112236350881?v=2.9.145&r=stable&domain=equi5.subsidyaid.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ak.peethach.com
api.ipify.org
connect.facebook.net
datatechone.com
display.ringba.com
equi5.subsidyaid.com
fonts.googleapis.com
fonts.gstatic.com
funnel.improveourcredit.com
js.callcdn.com
lander-main-microservice.netlify.app
my.rtmark.net
totalnicenewz.com
track.additionalbenefits.org
track.subsidyaid.com
www.facebook.com
www.googletagmanager.com
my.rtmark.net
totalnicenewz.com
104.154.135.87
104.237.62.212
108.139.47.112
139.45.195.8
142.250.65.195
142.251.40.106
142.251.40.168
157.240.241.1
172.64.204.9
23.44.201.166
31.13.71.36
34.123.196.68
34.232.110.131
37.48.68.71
54.211.24.82
54.84.236.175
02643c4790593efc994305a03557d68b339e66b3e1dbd390ff10726430dea506
07edc267cf6450c21b85b43d498632665b785593860e4ea9911219d890179863
0bf2f92c0732dc6b5addcbc92ef06037a013deea689814159b87b0bdf2c63e57
0e4b455181a5b285f26758971d8f0b47ee821307adfbf91b6c75602f50c94a0d
0f44e010ea27f863358b836c627321554516c1e1cb1e7df3c73d9b2a03a96a9c
1121f900845e1e1d10a24d0ebeca2cba7980de8b55118546879a2e1a54b638d9
176f2cb0f7d0d607cf3903b22162cec1387e1cfbf363d76b29a2870ee1146128
2ca3d44191e822500b330ae74a7b981fddc94188da2e683a1e1508fd188d2b1b
41c5942b665b0d689809e54ad42a829ad7d05b465da0ef6a6834a73f3b40e6b3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
51b937d7ee0a602eda05f4bbc157b6dd8c7dbf0d3eba148d82157d28f63b8d47
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
596d8c7c979374e6245ec71afc0ec62a0551263d0674bd611fea60d654ee9030
5b8e5d2f27e9fb10aae3edb56fc9134aed9ab59317b7a1fbc7f19bdaca05ffbc
5e53d918f1e31a51d64f9780fa1c4d91fcac71db9c13fcb9194d633213158bc7
74e959bdf6b08b492e3b51a00f380ec6dc909967a3e3bdc62f90f9921c77d251
7ee7f061f864c34e21a8a9c0a753ec7e61415a7032fc0b04cc784c0134956db0
83b78ab2ca543f34ac77a105efaff8fd77bbdba44939b8be442a1bcc85f14cb2
a65df679865cbe83d89e0edcd0f684ea66169fedee5b420cf1b6544e9fa13845
a77b9b9275e26bb98b837a4e36db0a1645148132791c28c5b0ecd8ef645e56ec
b3b59ed497b64917f794e3ee961cbf9dfc4ff6ca5033f9b28d8e76b0c0a2623d
b416c2ebf4b4d4e71bd515a35a15f45da09c708728cfedb05dc3ed2902fc68dd
b6d27052fc50beb3dac4d6cbcfc5fbf9ffbe2819db244c65207c163e16149705
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
cc5f2967a33d6cd3df5091e31bd1fecb3d19094ba3f563fe26287a8ce7117b7f
d3856b4d11d76e6f4fa87973b4ec83dd6ef0e9cb6eeda65b884727f33512fc4b
d98e363001bf12c1cd35434282827fa2ea9ec28272eabc51988e8feee441bb05
dbc384bd02b57754a0bfab2891767aa3fa65100af6f9e7947c09eef292606d0f
ddb682b2e3d2ac7f1e637ed27a3b98f4b88145dd09742da03c35ee597b1df525
ddf815a7a7b5ad1e87132638f5d141599075d6f61a5700e21dfd5e44209253ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79a2094a4f2d171501ebe181e488959ea72c6cb8042fa73e5d4b95e2d22a9ab
e7ac9ad730d43956d46938079899f41f83714aa8e8affc90186373773c528706
ee82b191319cab951f67e31261e7c36a53bc0b49fe818f7523614140385b4c2e
ef3e7e94fc36d961b807c8fa6c2bbbd5cf60a746a95c0d01f331d847156b198c
ef6ebebb5f3b1f249439235c20ce8b7b4da09b4865c7e02cc508b70bfaf54cf9
fa9bb74cb885084014960f08e9bcd5fff5eaff8575dc00dd3e70d0a21a426a4a
fbefb53e718f4e5f3c2d02656af3678f10b9388a82511855617830f58cd98f61