urlscan.io logo urlscan.io
SecurityTrails logo

beforeitsnews.com Open in urlscan Pro
172.67.141.76  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://beforeitsnews.com/
Effective URL: https://beforeitsnews.com/
Submission: On October 06 via manual from SG — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 103 IPs in 10 countries across 96 domains to perform 537 HTTP transactions. The main IP is 172.67.141.76, located in Ascension Island and belongs to CLOUDFLARENET, US. The main domain is beforeitsnews.com. The Cisco Umbrella rank of the primary domain is 321393.
TLS certificate: Issued by WE1 on October 5th 2025. Valid for: 3 months.
This is the only time beforeitsnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 47 172.67.141.76 13335 (CLOUDFLAR...)
1 172.217.24.42 15169 (GOOGLE)
37 104.17.200.65 13335 (CLOUDFLAR...)
2 142.250.66.246 15169 (GOOGLE)
2 192.124.249.16 30148 (SUCURI-SEC)
1 172.67.163.169 13335 (CLOUDFLAR...)
7 142.251.221.68 15169 (GOOGLE)
9 172.217.24.46 15169 (GOOGLE)
1 3.175.115.52 16509 (AMAZON-02)
12 142.250.66.227 15169 (GOOGLE)
10 104.16.71.101 13335 (CLOUDFLAR...)
2 142.250.66.238 15169 (GOOGLE)
1 151.101.194.217 54113 (FASTLY)
1 138.199.46.69 60068 (CDN77 Dat...)
4 18.244.51.50 16509 (AMAZON-02)
3 35.190.30.115 396982 (GOOGLE-CL...)
2 172.217.167.104 15169 (GOOGLE)
2 104.21.94.231 13335 (CLOUDFLAR...)
5 104.16.160.145 13335 (CLOUDFLAR...)
15 172.217.24.35 15169 (GOOGLE)
4 142.250.67.10 15169 (GOOGLE)
3 104.26.5.240 13335 (CLOUDFLAR...)
24 142.250.204.14 15169 (GOOGLE)
3 44.239.77.25 16509 (AMAZON-02)
1 3.175.115.53 16509 (AMAZON-02)
3 104.16.79.73 13335 (CLOUDFLAR...)
35 142.250.66.194 15169 (GOOGLE)
2 104.21.64.241 13335 (CLOUDFLAR...)
5 104.17.198.65 13335 (CLOUDFLAR...)
1 92.223.78.30 199524 (GCORE G-C...)
4 23.46.179.97 20940 (AKAMAI-AS...)
6 172.240.45.75 7979 (SERVERS-COM)
3 6 172.217.24.34 15169 (GOOGLE)
3 142.251.221.70 15169 (GOOGLE)
3 142.250.71.86 15169 (GOOGLE)
3 142.250.67.1 15169 (GOOGLE)
3 104.18.34.73 13335 (CLOUDFLAR...)
1 172.66.169.55 13335 (CLOUDFLAR...)
4 142.250.71.74 15169 (GOOGLE)
2 2 184.27.43.153 16625 (AKAMAI-AS)
4 2.18.225.135 16625 (AKAMAI-AS)
4 23 51.79.152.81 16276 (OVH OVH SAS)
14 14 207.65.33.79 62713 (AS-PUBMATIC)
10 14 142.250.76.98 15169 (GOOGLE)
7 16 207.65.33.82 62713 (AS-PUBMATIC)
2 2 35.212.187.52 15169 (GOOGLE)
3 5 35.244.154.8 396982 (GOOGLE-CL...)
5 11 119.8.187.97 136907 (HWCLOUDS-...)
1 1 23.106.50.36 59253 (LEASEWEB-...)
2 2 103.67.201.72 59210 (PHOENIXNA...)
2 2 203.195.121.141 7979 (SERVERS-COM)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
1 1 172.67.191.172 13335 (CLOUDFLAR...)
1 107.178.254.65 396982 (GOOGLE-CL...)
2 2 35.212.192.196 15169 (GOOGLE)
1 1 104.18.140.15 13335 (CLOUDFLAR...)
1 2 67.199.150.85 62713 (AS-PUBMATIC)
2 2 148.251.40.153 24940 (HETZNER-A...)
3 3 103.43.91.210 29990 (ASN-APPNEX)
6 7 131.153.206.103 59210 (PHOENIXNA...)
2 2 35.186.253.211 396982 (GOOGLE-CL...)
2 4 79.127.230.245 60068 (CDN77 Dat...)
1 1 52.203.219.163 14618 (AMAZON-AES)
1 2 37.157.6.230 198622 (ADFORM Ad...)
2 2 70.42.32.223 22075 (AS-OUTBRAIN)
1 1 70.42.32.31 22075 (AS-OUTBRAIN)
3 3 216.239.34.181 15169 (GOOGLE)
1 142.251.12.156 15169 (GOOGLE)
1 172.217.167.99 15169 (GOOGLE)
1 172.240.45.81 7979 (SERVERS-COM)
1 3 34.1.250.35 15169 (GOOGLE)
6 7 103.43.89.4 29990 (ASN-APPNEX)
2 2 69.173.144.138 26667 (RUBICONPR...)
2 2 23.48.96.203 20940 (AKAMAI-AS...)
13 22 69.173.158.64 26667 (RUBICONPR...)
2 80.77.87.162 46636 (NATCOWEB)
6 6 82.145.213.8 39832 (NO-OPERA ...)
3 3 151.101.130.58 54113 (FASTLY)
2 2 23.106.127.38 59253 (LEASEWEB-...)
1 5 98.82.154.76 14618 (AMAZON-AES)
6 6 52.74.113.66 16509 (AMAZON-02)
3 3 13.236.253.224 16509 (AMAZON-02)
1 3 52.77.62.253 16509 (AMAZON-02)
7 7 35.213.7.90 15169 (GOOGLE)
3 104.17.199.65 13335 (CLOUDFLAR...)
8 10 162.19.138.117 16276 (OVH OVH SAS)
1 162.19.223.4 16276 (OVH OVH SAS)
1 141.95.98.65 16276 (OVH OVH SAS)
2 2 69.173.151.100 26667 (RUBICONPR...)
9 172.240.45.96 7979 (SERVERS-COM)
2 23.221.132.242 16625 (AKAMAI-AS)
3 3 44.229.23.193 16509 (AMAZON-02)
1 2 69.166.1.35 27630 (AS-XFERNET)
2 172.240.45.70 7979 (SERVERS-COM)
1 2 52.95.126.160 16509 (AMAZON-02)
1 2 54.200.129.212 16509 (AMAZON-02)
4 4 15.197.193.217 16509 (AMAZON-02)
1 150.171.22.12 8075 (MICROSOFT...)
3 3 54.150.224.75 16509 (AMAZON-02)
1 52.24.186.34 16509 (AMAZON-02)
1 1 3.209.75.166 14618 (AMAZON-AES)
3 131.153.206.102 59210 (PHOENIXNA...)
1 1 18.67.175.35 16509 (AMAZON-02)
1 2 108.158.32.104 16509 (AMAZON-02)
3 5 34.111.113.62 396982 (GOOGLE-CL...)
1 1 116.202.167.156 24940 (HETZNER-A...)
3 207.65.33.86 62713 (AS-PUBMATIC)
3 51.195.126.30 16276 (OVH OVH SAS)
1 51.195.73.113 16276 (OVH OVH SAS)
1 51.195.127.100 16276 (OVH OVH SAS)
4 51.195.127.115 16276 (OVH OVH SAS)
2 135.125.146.80 16276 (OVH OVH SAS)
2 51.195.73.74 16276 (OVH OVH SAS)
1 51.195.73.71 16276 (OVH OVH SAS)
1 135.125.140.162 16276 (OVH OVH SAS)
1 51.195.34.222 16276 (OVH OVH SAS)
1 104.18.13.250 13335 (CLOUDFLAR...)
2 67.199.150.81 62713 (AS-PUBMATIC)
2 2 37.157.5.84 198622 (ADFORM Ad...)
1 182.161.73.175 55569 (CRITEO-AS...)
2 3 35.71.131.137 16509 (AMAZON-02)
1 1 35.86.21.198 16509 (AMAZON-02)
24 142.251.221.74 15169 (GOOGLE)
3 4 185.84.60.20 198622 (ADFORM Ad...)
1 34.124.209.251 396982 (GOOGLE-CL...)
1 1 74.121.140.211 30419 (PAEDAE-INC)
2 2 183.177.68.211 10310 (YAHOO-1)
11 131.153.206.100 59210 (PHOENIXNA...)
1 1 18.138.18.111 16509 (AMAZON-02)
1 2 54.149.208.251 16509 (AMAZON-02)
1 1 34.98.64.218 396982 (GOOGLE-CL...)
1 1 13.228.29.185 16509 (AMAZON-02)
1 1 13.215.145.61 16509 (AMAZON-02)
1 1 35.227.252.103 396982 (GOOGLE-CL...)
1 172.217.24.38 15169 (GOOGLE)
2 2 95.173.218.100 60068 (CDN77 Dat...)
23 142.250.66.226 15169 (GOOGLE)
1 43.250.0.199 29990 (ASN-APPNEX)
2 207.65.33.76 62713 (AS-PUBMATIC)
36 192.178.153.120 15169 (GOOGLE)
1 1 52.45.234.190 14618 (AMAZON-AES)
3 3 35.213.45.194 15169 (GOOGLE)
1 2 151.101.130.49 54113 (FASTLY)
2 2 103.229.10.211 16509 (AMAZON-02)
1 35.186.193.173 396982 (GOOGLE-CL...)
2 2 13.213.13.123 16509 (AMAZON-02)
2 2 104.18.37.193 13335 (CLOUDFLAR...)
2 2 108.158.32.67 16509 (AMAZON-02)
1 2 54.151.226.82 16509 (AMAZON-02)
537 103
47    172.67.141.76 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
beforeitsnews.com
1    172.217.24.42 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f10.1e100.net
fonts.googleapis.com
37    104.17.200.65 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
servicer.mgid.com
cdn.mgid.com
cm.mgid.com
2    142.250.66.246 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f22.1e100.net
i.ytimg.com
2    192.124.249.16 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10016.sucuri.net
cdn.sucuri.net
1    172.67.163.169 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
entzames.com
7    142.251.221.68 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f4.1e100.net
www.google.com
9    172.217.24.46 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f46.1e100.net
translate.google.com
www.google-analytics.com
play.google.com
1    3.175.115.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-175-115-52.syd3.r.cloudfront.net
cdn2.customads.co
12    142.250.66.227 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f3.1e100.net
fonts.gstatic.com
10    104.16.71.101 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
i.imgflip.com
2    142.250.66.238 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f14.1e100.net
img.youtube.com
1    151.101.194.217 (United States)

ASN54113 (FASTLY, US)
i.insider.com
1    138.199.46.69 (Singapore, Singapore)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 138-199-46-69.bunnyinfra.net
static-3.bitchute.com
4    18.244.51.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-51-50.cgk50.r.cloudfront.net
cdn.browsiprod.com
3    35.190.30.115 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 115.30.190.35.bc.googleusercontent.com
customads.co
2    172.217.167.104 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f8.1e100.net
www.googletagmanager.com
2    104.21.94.231 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
a1.beforeitsnews.com
ajax.beforeitsnews.com
5    104.16.160.145 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
15    172.217.24.35 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f3.1e100.net
www.gstatic.com
4    142.250.67.10 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f10.1e100.net
translate.googleapis.com
www.googleapis.com
3    104.26.5.240 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
www.tickcounter.com
24    142.250.204.14 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f14.1e100.net
www.youtube.com
3    44.239.77.25 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-77-25.us-west-2.compute.amazonaws.com
events.browsiprod.com
1    3.175.115.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-175-115-53.syd3.r.cloudfront.net
yield-manager.browsiprod.com
3    104.16.79.73 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
cloudflareinsights.com
35    142.250.66.194 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f2.1e100.net
pagead2.googlesyndication.com
2    104.21.64.241 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
rddywd.com
5    104.17.198.65 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
1    92.223.78.30 (Sydney, Australia)

ASN199524 (GCORE G-Core Labs S.A., LU)
video-native.mgid.com
4    23.46.179.97 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-46-179-97.deploy.static.akamaitechnologies.com
player.aniview.com
6    172.240.45.75 (United States)

ASN7979 (SERVERS-COM, US)
track1.aniview.com
6    172.217.24.34 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f2.1e100.net
googleads.g.doubleclick.net
3    142.251.221.70 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f6.1e100.net
static.doubleclick.net
3    142.250.71.86 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f22.1e100.net
i.ytimg.com
3    142.250.67.1 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f1.1e100.net
yt3.ggpht.com
3    104.18.34.73 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
cl.imghosts.com
1    172.66.169.55 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
4    142.250.71.74 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f10.1e100.net
jnn-pa.googleapis.com
2    184.27.43.153 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a184-27-43-153.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    2.18.225.135 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-225-135.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
23    51.79.152.81 (Singapore, Singapore)

ASN16276 (OVH OVH SAS, FR)
PTR: ip81.ip-51-79-152.net
onetag-sys.com
14    207.65.33.79 (Singapore)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
14    142.250.76.98 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f2.1e100.net
cm.g.doubleclick.net
16    207.65.33.82 (Singapore)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
2    35.212.187.52 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 52.187.212.35.bc.googleusercontent.com
rtb-usw.mfadsrvr.com
5    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
11    119.8.187.97 (Singapore, Singapore)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-119-8-187-97.compute.hwclouds-dns.com
ad.360yield.com
match.360yield.com
ap-ice.360yield.com
1    23.106.50.36 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)
ssbsync.smartadserver.com
2    103.67.201.72 (Singapore, Singapore)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
PTR: 1.cpm.sin1.wowcon.net
sync.adkernel.com
2    203.195.121.141 (Singapore)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    172.67.191.172 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
cm.rtbsystem.com
1    107.178.254.65 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    35.212.192.196 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 196.192.212.35.bc.googleusercontent.com
visitor-mgid.omnitagjs.com
visitor-ow.omnitagjs.com
1    104.18.140.15 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
2    67.199.150.85 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    148.251.40.153 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.153.40.251.148.clients.your-server.de
sync.richaudience.com
3    103.43.91.210 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 1027.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
7    131.153.206.103 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
prebid.a-mo.net
2    35.186.253.211 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    79.127.230.245 (Singapore, Singapore)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: unn-79-127-230-245.datapacket.com
id.a-mx.com
id.rtb.mx
1    52.203.219.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-219-163.compute-1.amazonaws.com
ads.yieldmo.com
2    37.157.6.230 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
cm.adform.net
2    70.42.32.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.outbrain.com
3    216.239.34.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    142.251.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net
stats.g.doubleclick.net
1    172.217.167.99 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f3.1e100.net
www.google.com.au
1    172.240.45.81 (United States)

ASN7979 (SERVERS-COM, US)
go1.aniview.com
3    34.1.250.35 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 35.250.1.34.bc.googleusercontent.com
rtb.mfadsrvr.com
7    103.43.89.4 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
2    23.48.96.203 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-48-96-203.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
22    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
6    82.145.213.8 (Amsterdam, Netherlands)

ASN39832 (NO-OPERA Opera Norway AS, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
3    151.101.130.58 (United States)

ASN54113 (FASTLY, US)
www.temu.com
2    23.106.127.38 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)
ssbsync-global.smartadserver.com
5    98.82.154.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-154-76.compute-1.amazonaws.com
s.amazon-adsystem.com
6    52.74.113.66 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-113-66.ap-southeast-1.compute.amazonaws.com
sync.1rx.io
3    13.236.253.224 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-236-253-224.ap-southeast-2.compute.amazonaws.com
ad.turn.com
3    52.77.62.253 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-62-253.ap-southeast-1.compute.amazonaws.com
sync.targeting.unrulymedia.com
7    35.213.7.90 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 90.7.213.35.bc.googleusercontent.com
x.bidswitch.net
3    104.17.199.65 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
cm.mgid.com
10    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
1    162.19.223.4 (France)

ASN16276 (OVH OVH SAS, FR)
lbs.eu-1-id5-sync.com
1    141.95.98.65 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
2    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
9    172.240.45.96 (United States)

ASN7979 (SERVERS-COM, US)
sync.aniview.com
2    23.221.132.242 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-132-242.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    44.229.23.193 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-23-193.us-west-2.compute.amazonaws.com
ap.lijit.com
2    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    172.240.45.70 (United States)

ASN7979 (SERVERS-COM, US)
s2s.aniview.com
2    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    54.200.129.212 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-129-212.us-west-2.compute.amazonaws.com
pr-bh.ybp.yahoo.com
4    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    150.171.22.12 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    54.150.224.75 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-224-75.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    52.24.186.34 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-186-34.us-west-2.compute.amazonaws.com
ce.lijit.com
1    3.209.75.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-75-166.compute-1.amazonaws.com
sync.ipredictive.com
3    131.153.206.102 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
sync.a-mo.net
1    18.67.175.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-175-35.cgk51.r.cloudfront.net
live.primis.tech
2    108.158.32.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-104.syd3.r.cloudfront.net
sync.intentiq.com
syncv4.intentiq.com
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    116.202.167.156 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.156.167.202.116.clients.your-server.de
inv-nets.admixer.net
3    207.65.33.86 (Singapore)

ASN62713 (AS-PUBMATIC, US)
ut.pubmatic.com
ow.pubmatic.com
3    51.195.126.30 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip30.ip-51-195-126.eu
d0.eu-3-id5-sync.com
d4.eu-4-id5-sync.com
d7.eu-4-id5-sync.com
1    51.195.73.113 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip113.ip-51-195-73.eu
d1.eu-3-id5-sync.com
1    51.195.127.100 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip100.ip-51-195-127.eu
d2.eu-3-id5-sync.com
4    51.195.127.115 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip115.ip-51-195-127.eu
d3.eu-3-id5-sync.com
d5.eu-3-id5-sync.com
d2.eu-4-id5-sync.com
d3.eu-4-id5-sync.com
2    135.125.146.80 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip80.ip-135-125-146.eu
d4.eu-3-id5-sync.com
d6.eu-3-id5-sync.com
2    51.195.73.74 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip74.ip-51-195-73.eu
d7.eu-3-id5-sync.com
d1.eu-4-id5-sync.com
1    51.195.73.71 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip71.ip-51-195-73.eu
d0.eu-4-id5-sync.com
1    135.125.140.162 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip162.ip-135-125-140.eu
d5.eu-4-id5-sync.com
1    51.195.34.222 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip222.ip-51-195-34.eu
d6.eu-4-id5-sync.com
1    104.18.13.250 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
a.amxrtb.com
2    67.199.150.81 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    37.157.5.84 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
track.adform.net
1    182.161.73.175 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    35.86.21.198 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-86-21-198.us-west-2.compute.amazonaws.com
pr-bh.ybp.yahoo.com
24    142.251.221.74 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f10.1e100.net
imasdk.googleapis.com
4    185.84.60.20 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
c1.adform.net
1    34.124.209.251 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.209.124.34.bc.googleusercontent.com
um.simpli.fi
1    74.121.140.211 (Reston, United States)

ASN30419 (PAEDAE-INC, US)
sync.mathtag.com
2    183.177.68.211 (Sydney, Australia)

ASN10310 (YAHOO-1, US)
PTR: e2-ha.ycpi.aue.yahoo.com
ups.analytics.yahoo.com
11    131.153.206.100 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
sea1-sync.a-mo.net
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
2    54.149.208.251 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-208-251.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    13.228.29.185 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-29-185.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    13.215.145.61 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-145-61.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
1    35.227.252.103 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    172.217.24.38 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f38.1e100.net
s0.2mdn.net
2    95.173.218.100 (Singapore, Singapore)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: unn-95-173-218-100.datapacket.com
uipglob.semasio.net
23    142.250.66.226 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f2.1e100.net
pubads.g.doubleclick.net
1    43.250.0.199 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.sin3.adnexus.net
prebid.adnxs.com
2    207.65.33.76 (Singapore)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
36    192.178.153.120 (United States)

ASN15169 (GOOGLE, US)
PTR: yucmhps-in-f120.1e100.net
csi.gstatic.com
1    52.45.234.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-234-190.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    35.213.45.194 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 194.45.213.35.bc.googleusercontent.com
pool.admedo.com
pool.liftdsp.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    35.186.193.173 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    13.213.13.123 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-13-123.ap-southeast-1.compute.amazonaws.com
pubmatic-match.dotomi.com
2    104.18.37.193 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    108.158.32.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-67.syd3.r.cloudfront.net
cr-p10.ladsp.com
2    54.151.226.82 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-226-82.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
Apex Domain
Subdomains		 Transfer
63 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
844 KB
49 beforeitsnews.com
beforeitsnews.com — Cisco Umbrella Rank: 321393
a1.beforeitsnews.com — Cisco Umbrella Rank: 864206
ajax.beforeitsnews.com — Cisco Umbrella Rank: 543761
1006 KB
47 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
static.doubleclick.net — Cisco Umbrella Rank: 257
cm.g.doubleclick.net — Cisco Umbrella Rank: 317
stats.g.doubleclick.net — Cisco Umbrella Rank: 180
pubads.g.doubleclick.net — Cisco Umbrella Rank: 501
8 KB
46 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 10940
c.mgid.com — Cisco Umbrella Rank: 8278
servicer.mgid.com — Cisco Umbrella Rank: 10975
cdn.mgid.com — Cisco Umbrella Rank: 16602
s-img.mgid.com — Cisco Umbrella Rank: 12270
video-native.mgid.com — Cisco Umbrella Rank: 45338
cm.mgid.com — Cisco Umbrella Rank: 2083
347 KB
41 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 764
image2.pubmatic.com — Cisco Umbrella Rank: 945
image4.pubmatic.com — Cisco Umbrella Rank: 1322
ads.pubmatic.com — Cisco Umbrella Rank: 660
ut.pubmatic.com — Cisco Umbrella Rank: 1086
image6.pubmatic.com — Cisco Umbrella Rank: 825
simage2.pubmatic.com — Cisco Umbrella Rank: 1143
ow.pubmatic.com — Cisco Umbrella Rank: 2049
simage4.pubmatic.com — Cisco Umbrella Rank: 2399
26 KB
35 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 132
68 KB
33 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
translate.googleapis.com — Cisco Umbrella Rank: 999
www.googleapis.com — Cisco Umbrella Rank: 35
jnn-pa.googleapis.com — Cisco Umbrella Rank: 441
imasdk.googleapis.com — Cisco Umbrella Rank: 569
536 KB
32 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1162
eus.rubiconproject.com — Cisco Umbrella Rank: 738
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2132
pixel.rubiconproject.com — Cisco Umbrella Rank: 462
token.rubiconproject.com — Cisco Umbrella Rank: 565
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1607
43 KB
26 youtube.com
img.youtube.com — Cisco Umbrella Rank: 1092
www.youtube.com — Cisco Umbrella Rank: 84
1 MB
23 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 821
11 KB
22 aniview.com
player.aniview.com — Cisco Umbrella Rank: 1738
track1.aniview.com — Cisco Umbrella Rank: 4571
go1.aniview.com — Cisco Umbrella Rank: 12440
sync.aniview.com — Cisco Umbrella Rank: 1549
s2s.aniview.com — Cisco Umbrella Rank: 15034
343 KB
21 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 892
sync.a-mo.net — Cisco Umbrella Rank: 1498
sea1-sync.a-mo.net — Cisco Umbrella Rank: 18274
7 KB
14 google.com
www.google.com — Cisco Umbrella Rank: 2
translate.google.com — Cisco Umbrella Rank: 1183
play.google.com — Cisco Umbrella Rank: 29
analytics.google.com — Cisco Umbrella Rank: 170
98 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 327
prebid.adnxs.com — Cisco Umbrella Rank: 1336
10 KB
11 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 810
match.360yield.com — Cisco Umbrella Rank: 2658
ap-ice.360yield.com — Cisco Umbrella Rank: 116593
6 KB
11 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 799
id5-sync.com — Cisco Umbrella Rank: 519
48 KB
10 imgflip.com
i.imgflip.com — Cisco Umbrella Rank: 47693
604 KB
8 eu-4-id5-sync.com
d0.eu-4-id5-sync.com — Cisco Umbrella Rank: 62531
d1.eu-4-id5-sync.com — Cisco Umbrella Rank: 62559
d2.eu-4-id5-sync.com — Cisco Umbrella Rank: 62616
d3.eu-4-id5-sync.com — Cisco Umbrella Rank: 62416
d4.eu-4-id5-sync.com — Cisco Umbrella Rank: 62643
d5.eu-4-id5-sync.com — Cisco Umbrella Rank: 62446
d6.eu-4-id5-sync.com — Cisco Umbrella Rank: 61972
d7.eu-4-id5-sync.com — Cisco Umbrella Rank: 62462
1 KB
8 eu-3-id5-sync.com
d0.eu-3-id5-sync.com — Cisco Umbrella Rank: 62641
d1.eu-3-id5-sync.com — Cisco Umbrella Rank: 62642
d2.eu-3-id5-sync.com — Cisco Umbrella Rank: 62909
d3.eu-3-id5-sync.com — Cisco Umbrella Rank: 62210
d4.eu-3-id5-sync.com — Cisco Umbrella Rank: 62760
d5.eu-3-id5-sync.com — Cisco Umbrella Rank: 62547
d6.eu-3-id5-sync.com — Cisco Umbrella Rank: 62998
d7.eu-3-id5-sync.com — Cisco Umbrella Rank: 62623
1 KB
8 adform.net
cm.adform.net — Cisco Umbrella Rank: 1287
track.adform.net — Cisco Umbrella Rank: 5231
c1.adform.net — Cisco Umbrella Rank: 778
5 KB
8 browsiprod.com
cdn.browsiprod.com — Cisco Umbrella Rank: 4783
events.browsiprod.com — Cisco Umbrella Rank: 4403
yield-manager.browsiprod.com — Cisco Umbrella Rank: 4377
109 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 431
5 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 448
2 KB
7 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 379
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1217
5 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 552
2 KB
6 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1027
5 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 508
2 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 732
ups.analytics.yahoo.com — Cisco Umbrella Rank: 645
180 KB
5 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 813
idsync.rlcdn.com — Cisco Umbrella Rank: 560
2 KB
5 mfadsrvr.com
rtb-usw.mfadsrvr.com — Cisco Umbrella Rank: 13024
rtb.mfadsrvr.com — Cisco Umbrella Rank: 993
2 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 59
21 KB
5 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 5542
onesignal.com — Cisco Umbrella Rank: 1503
83 KB
5 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 100
192 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 828
ce.lijit.com — Cisco Umbrella Rank: 1004
2 KB
4 openx.net
rtb.openx.net — Cisco Umbrella Rank: 608
us-u.openx.net — Cisco Umbrella Rank: 566
1 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 576
2 KB
4 customads.co
cdn2.customads.co — Cisco Umbrella Rank: 129133
customads.co — Cisco Umbrella Rank: 88700
10 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 723
1 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1329
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 913
2 KB
3 temu.com
www.temu.com — Cisco Umbrella Rank: 731
1 KB
3 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 1507
3 KB
3 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 773
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1610
767 B
3 imghosts.com
cl.imghosts.com — Cisco Umbrella Rank: 20960
447 KB
3 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 284
13 KB
3 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 453
cloudflareinsights.com — Cisco Umbrella Rank: 444
7 KB
3 tickcounter.com
www.tickcounter.com — Cisco Umbrella Rank: 74651
63 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1017
860 B
2 ladsp.com
cr-p10.ladsp.com — Cisco Umbrella Rank: 27812
994 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1436
s.tribalfusion.com — Cisco Umbrella Rank: 3318
1010 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4288
703 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1000
706 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 895
705 B
2 liftdsp.com
pool.liftdsp.com — Cisco Umbrella Rank: 5963
751 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1518
879 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 285
1 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1104
syncv4.intentiq.com — Cisco Umbrella Rank: 1594
2 KB
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1101
1 KB
2 eu-1-id5-sync.com
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1225
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 996
578 B
2 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 848
206 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 880
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 802
1 KB
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 721
1 KB
2 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1185
646 B
2 omnitagjs.com
visitor-mgid.omnitagjs.com — Cisco Umbrella Rank: 26069
visitor-ow.omnitagjs.com — Cisco Umbrella Rank: 10481
757 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1627
1 KB
2 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1521
1 KB
2 rddywd.com
rddywd.com — Cisco Umbrella Rank: 290100
913 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
239 KB
2 sucuri.net
cdn.sucuri.net — Cisco Umbrella Rank: 173852
8 KB
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5189
374 B
1 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5452
213 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 734
1 KB
1 rtb.mx
id.rtb.mx — Cisco Umbrella Rank: 3475
825 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 445
17 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 665
319 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 27269
656 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1208
pixel.mathtag.com — Cisco Umbrella Rank: 3924 Failed
948 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 950
610 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 840
363 B
1 amxrtb.com
a.amxrtb.com — Cisco Umbrella Rank: 1545
5 KB
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 3189
365 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1788
564 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 994
500 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 357
538 B
1 google.com.au
www.google.com.au — Cisco Umbrella Rank: 22158
63 B
1 outbrain.com
b1sync.outbrain.com — Cisco Umbrella Rank: 857
722 B
1 idealmedia.io
cm.idealmedia.io — Cisco Umbrella Rank: 17074
581 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 989
570 B
1 rtbsystem.com
cm.rtbsystem.com — Cisco Umbrella Rank: 6153
785 B
1 bitchute.com
static-3.bitchute.com — Cisco Umbrella Rank: 317423
24 KB
1 insider.com
i.insider.com — Cisco Umbrella Rank: 42617
8 KB
1 entzames.com
entzames.com — Cisco Umbrella Rank: 978345
6 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 presage.io Failed
ms-cookie-sync.presage.io Failed
0 tradingview.com Failed
s3.tradingview.com Failed
537 96
Domain Requested by
47 beforeitsnews.com 1 redirects beforeitsnews.com
36 csi.gstatic.com imasdk.googleapis.com
35 pagead2.googlesyndication.com entzames.com
imasdk.googleapis.com
24 imasdk.googleapis.com player.aniview.com
imasdk.googleapis.com
24 www.youtube.com beforeitsnews.com
www.youtube.com
23 pubads.g.doubleclick.net imasdk.googleapis.com
23 onetag-sys.com 4 redirects cm.mgid.com
beforeitsnews.com
onetag-sys.com
player.aniview.com
17 cm.mgid.com jsc.mgid.com
beforeitsnews.com
onetag-sys.com
15 www.gstatic.com www.google.com
translate.googleapis.com
www.gstatic.com
www.youtube.com
14 pixel.rubiconproject.com 7 redirects onetag-sys.com
beforeitsnews.com
14 cm.g.doubleclick.net 10 redirects onetag-sys.com
beforeitsnews.com
14 image8.pubmatic.com 14 redirects
12 fonts.gstatic.com fonts.googleapis.com
beforeitsnews.com
www.youtube.com
www.google.com
11 sea1-sync.a-mo.net ads.pubmatic.com
prebid.a-mo.net
11 simage2.pubmatic.com 3 redirects ads.pubmatic.com
beforeitsnews.com
10 id5-sync.com 8 redirects cdn.id5-sync.com
10 ib.adnxs.com 9 redirects beforeitsnews.com
10 c.mgid.com beforeitsnews.com
10 i.imgflip.com beforeitsnews.com
9 sync.aniview.com player.aniview.com
beforeitsnews.com
prebid.a-mo.net
ads.pubmatic.com
8 token.rubiconproject.com 6 redirects eus.rubiconproject.com
8 ad.360yield.com 3 redirects player.aniview.com
beforeitsnews.com
8 servicer.mgid.com beforeitsnews.com
jsc.mgid.com
7 match.adsrvr.org 6 redirects beforeitsnews.com
7 x.bidswitch.net 7 redirects
7 prebid.a-mo.net 6 redirects player.aniview.com
7 www.google.com beforeitsnews.com
www.gstatic.com
www.youtube.com
6 sync.1rx.io 6 redirects
6 t.adx.opera.com 6 redirects
6 googleads.g.doubleclick.net 3 redirects www.youtube.com
6 track1.aniview.com beforeitsnews.com
player.aniview.com
5 pixel.tapad.com 3 redirects beforeitsnews.com
5 s.amazon-adsystem.com 1 redirects onetag-sys.com
beforeitsnews.com
5 image2.pubmatic.com 4 redirects ads.pubmatic.com
5 s-img.mgid.com beforeitsnews.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
beforeitsnews.com
5 i.ytimg.com beforeitsnews.com
www.youtube.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 idsync.rlcdn.com 3 redirects beforeitsnews.com
4 creativecdn.com 4 redirects
4 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
player.aniview.com
4 jnn-pa.googleapis.com www.youtube.com
4 player.aniview.com jsc.mgid.com
player.aniview.com
4 cdn.mgid.com beforeitsnews.com
4 cdn.browsiprod.com jsc.mgid.com
cdn.browsiprod.com
3 sync.a-mo.net beforeitsnews.com
prebid.a-mo.net
3 match.prod.bidr.io 3 redirects
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 ap.lijit.com 3 redirects
3 sync.targeting.unrulymedia.com 1 redirects onetag-sys.com
player.aniview.com
3 ad.turn.com 3 redirects
3 www.temu.com 3 redirects
3 rtb.mfadsrvr.com 1 redirects onetag-sys.com
3 analytics.google.com 3 redirects
3 id.a-mx.com 2 redirects a.amxrtb.com
3 rtb.openx.net 3 redirects
3 cl.imghosts.com beforeitsnews.com
3 play.google.com www.youtube.com
3 yt3.ggpht.com www.youtube.com
3 static.doubleclick.net www.youtube.com
3 events.browsiprod.com cdn.browsiprod.com
3 www.tickcounter.com beforeitsnews.com
www.tickcounter.com
3 onesignal.com cdn.onesignal.com
3 translate.googleapis.com translate.googleapis.com
3 customads.co cdn2.customads.co
2 sync.crwdcntrl.net 1 redirects beforeitsnews.com
2 cr-p10.ladsp.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 cms.quantserve.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 pool.liftdsp.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 uipglob.semasio.net 2 redirects
2 dpm.demdex.net 1 redirects beforeitsnews.com
2 ups.analytics.yahoo.com 2 redirects
2 track.adform.net 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 ut.pubmatic.com ads.pubmatic.com
2 aax-eu.amazon-adsystem.com 1 redirects beforeitsnews.com
2 s2s.aniview.com player.aniview.com
2 sync.go.sonobi.com 1 redirects player.aniview.com
2 ads.pubmatic.com player.aniview.com
onetag-sys.com
2 pixel-us-east.rubiconproject.com 2 redirects
2 ssbsync-global.smartadserver.com 2 redirects
2 cs.admanmedia.com onetag-sys.com
2 ads.stickyadstv.com 2 redirects
2 pixel-eu.rubiconproject.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 cm.adform.net 1 redirects prebid.a-mo.net
2 ads.yieldmo.com 2 redirects
2 sync.richaudience.com 2 redirects
2 image4.pubmatic.com 1 redirects ads.pubmatic.com
2 match.360yield.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 sync.adkernel.com 2 redirects
2 rtb-usw.mfadsrvr.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 rddywd.com entzames.com
beforeitsnews.com
2 cloudflareinsights.com static.cloudflareinsights.com
2 cdn.onesignal.com beforeitsnews.com
cdn.onesignal.com
2 www.googletagmanager.com beforeitsnews.com
www.google-analytics.com
2 img.youtube.com beforeitsnews.com
2 cdn.sucuri.net beforeitsnews.com
cdn.sucuri.net
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 pool.admedo.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 ow.pubmatic.com beforeitsnews.com
1 prebid.adnxs.com beforeitsnews.com
1 id.rtb.mx a.amxrtb.com
1 s0.2mdn.net imasdk.googleapis.com
1 match.sharethrough.com 1 redirects
1 us-u.openx.net 1 redirects
1 cm.ambientdsp.com 1 redirects
1 sync.mathtag.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 dis.criteo.com beforeitsnews.com
1 ap-ice.360yield.com beforeitsnews.com
1 a.amxrtb.com prebid.a-mo.net
1 d7.eu-4-id5-sync.com cdn.id5-sync.com
1 d6.eu-4-id5-sync.com cdn.id5-sync.com
1 d5.eu-4-id5-sync.com cdn.id5-sync.com
1 d4.eu-4-id5-sync.com cdn.id5-sync.com
1 d3.eu-4-id5-sync.com cdn.id5-sync.com
1 d2.eu-4-id5-sync.com cdn.id5-sync.com
1 d1.eu-4-id5-sync.com cdn.id5-sync.com
1 d0.eu-4-id5-sync.com cdn.id5-sync.com
1 d7.eu-3-id5-sync.com cdn.id5-sync.com
1 d6.eu-3-id5-sync.com cdn.id5-sync.com
1 d5.eu-3-id5-sync.com cdn.id5-sync.com
1 d4.eu-3-id5-sync.com cdn.id5-sync.com
1 d3.eu-3-id5-sync.com cdn.id5-sync.com
1 d2.eu-3-id5-sync.com cdn.id5-sync.com
1 d1.eu-3-id5-sync.com cdn.id5-sync.com
1 d0.eu-3-id5-sync.com cdn.id5-sync.com
1 inv-nets.admixer.net 1 redirects
1 syncv4.intentiq.com beforeitsnews.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 sync.ipredictive.com 1 redirects
1 ce.lijit.com beforeitsnews.com
1 px.ads.linkedin.com beforeitsnews.com
1 visitor-ow.omnitagjs.com 1 redirects
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 go1.aniview.com player.aniview.com
1 www.google.com.au beforeitsnews.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 b1sync.outbrain.com 1 redirects
1 cm.idealmedia.io 1 redirects
1 visitor-mgid.omnitagjs.com 1 redirects
1 pippio.com beforeitsnews.com
1 cm.rtbsystem.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 id.rlcdn.com beforeitsnews.com
1 cdn.id5-sync.com jsc.mgid.com
1 video-native.mgid.com jsc.mgid.com
1 www.googleapis.com beforeitsnews.com
1 static.cloudflareinsights.com www.tickcounter.com
1 yield-manager.browsiprod.com cdn.browsiprod.com
1 ajax.beforeitsnews.com beforeitsnews.com
1 a1.beforeitsnews.com beforeitsnews.com
1 static-3.bitchute.com beforeitsnews.com
1 i.insider.com beforeitsnews.com
1 cdn2.customads.co beforeitsnews.com
1 translate.google.com beforeitsnews.com
1 entzames.com beforeitsnews.com
1 jsc.mgid.com beforeitsnews.com
1 fonts.googleapis.com beforeitsnews.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 pixel.mathtag.com Failed beforeitsnews.com
0 ms-cookie-sync.presage.io Failed onetag-sys.com
0 s3.tradingview.com Failed beforeitsnews.com
537 174
Subject Issuer Validity Valid
beforeitsnews.com
WE1		 2025-10-05 -
2026-01-03		 3 months crt.sh
upload.video.google.com
WE2		 2025-09-15 -
2025-12-08		 3 months crt.sh
mgid.com
WE1		 2025-08-24 -
2025-11-22		 3 months crt.sh
edgestatic.com
WR2		 2025-09-22 -
2025-12-15		 3 months crt.sh
*.sucuri.net
Go Daddy Secure Certificate Authority - G2		 2025-08-27 -
2026-09-28		 a year crt.sh
entzames.com
WE1		 2025-09-14 -
2025-12-13		 3 months crt.sh
*.google.com
WR2		 2025-09-15 -
2025-12-08		 3 months crt.sh
*.customads.co
Amazon RSA 2048 M03		 2025-06-30 -
2026-07-29		 a year crt.sh
*.gstatic.com
WR2		 2025-09-22 -
2025-12-15		 3 months crt.sh
i.imgflip.com
WE1		 2025-08-20 -
2025-11-18		 3 months crt.sh
*.insider.com
GlobalSign Atlas R3 DV TLS CA 2025 Q2		 2025-05-10 -
2026-06-11		 a year crt.sh
static-3.bitchute.com
R12		 2025-09-14 -
2025-12-13		 3 months crt.sh
*.browsiprod.com
Amazon RSA 2048 M03		 2024-11-14 -
2025-12-12		 a year crt.sh
customads.co
WR3		 2025-09-11 -
2025-12-10		 3 months crt.sh
*.google-analytics.com
WR2		 2025-09-15 -
2025-12-08		 3 months crt.sh
*.onesignal.com
WE1		 2025-08-22 -
2025-11-20		 3 months crt.sh
onesignal.com
WE1		 2025-08-22 -
2025-11-20		 3 months crt.sh
tickcounter.com
WE1		 2025-09-09 -
2025-12-08		 3 months crt.sh
cloudflareinsights.com
WE1		 2025-08-24 -
2025-11-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2025-09-15 -
2025-12-08		 3 months crt.sh
rddywd.com
WE1		 2025-08-15 -
2025-11-13		 3 months crt.sh
*.mgid.com
Go Daddy Secure Certificate Authority - G2		 2025-09-13 -
2026-10-15		 a year crt.sh
*.aniview.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-06-22 -
2026-06-23		 a year crt.sh
*.doubleclick.net
WR2		 2025-09-15 -
2025-12-08		 3 months crt.sh
*.googleusercontent.com
WR2		 2025-09-15 -
2025-12-08		 3 months crt.sh
cl.imghosts.com
WE1		 2025-08-22 -
2025-11-20		 3 months crt.sh
id5-sync.com
WE1		 2025-09-19 -
2025-12-18		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2025-03-06 -
2026-04-03		 a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-01-21 -
2025-12-27		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2025-02-06 -
2026-03-05		 a year crt.sh
*.google.com.au
WR2		 2025-09-15 -
2025-12-08		 3 months crt.sh
*.admanmedia.com
Sectigo RSA Domain Validation Secure Server CA		 2025-05-08 -
2026-05-19		 a year crt.sh
eu-1-id5-sync.com
R13		 2025-09-01 -
2025-11-30		 3 months crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-10-02 -
2026-10-01		 a year crt.sh
*.a-mo.net
R11		 2025-08-07 -
2025-11-05		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2024-12-06 -
2026-01-07		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2025-05-07 -
2026-05-10		 a year crt.sh
*.360yield.com
Sectigo RSA Domain Validation Secure Server CA		 2025-02-21 -
2026-02-21		 a year crt.sh
rtb.mfadsrvr.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-08-31 -
2025-11-28		 3 months crt.sh
eu-3-id5-sync.com
E7		 2025-09-01 -
2025-11-30		 3 months crt.sh
eu-4-id5-sync.com
E8		 2025-09-01 -
2025-11-30		 3 months crt.sh
a.amxrtb.com
WE1		 2025-09-14 -
2025-12-13		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-09-03 -
2025-12-06		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-09-05 -
2026-10-06		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-13 -
2025-12-14		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2025-07-01 -
2025-12-24		 6 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-05-23 -
2026-06-18		 a year crt.sh
id.a-mx.com
Sectigo RSA Domain Validation Secure Server CA		 2024-11-11 -
2025-12-11		 a year crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2025-06-13 -
2026-07-14		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2025 Q2		 2025-04-16 -
2026-05-18		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-07-15 -
2026-08-15		 a year crt.sh

This page contains 96 frames:

Primary Page: https://beforeitsnews.com/
Frame ID: 3D194C03C22DA75B1DAC921BBE344273
Requests: 204 HTTP requests in this frame

Frame: https://customads.co/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370&path=%2F&x=1020&y=2521&language=en-AU&sw=1600&sh=1200&pr=1&ot=landscape-primary&ex=false&embed_type=7&embed_frame_container_type=3
Frame ID: B9D318E75639A25B4C0D48E7977F0FB3
Requests: 1 HTTP requests in this frame

Frame: https://customads.co/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370&path=%2F&x=1020&y=4407&language=en-AU&sw=1600&sh=1200&pr=1&ot=landscape-primary&ex=false&embed_type=7&embed_frame_container_type=3
Frame ID: 49136F49C256391A050A1031AF378892
Requests: 1 HTTP requests in this frame

Frame: https://customads.co/lad/9777028388081510?pubid=ld-6512-6157&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370&path=%2F&x=1020&y=4407&language=en-AU&sw=1600&sh=1200&pr=1&ot=landscape-primary&ex=false&embed_type=7&embed_frame_container_type=3
Frame ID: ABD1B07F5EA9BC1EC898BA4E30E9939A
Requests: 1 HTTP requests in this frame

Frame: https://beforeitsnews.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/16f9cd2f90a6/main.js
Frame ID: B2B3A6A4ADBCD4AFBEBA63B5BE89BFC7
Requests: 2 HTTP requests in this frame

Frame: https://www.tickcounter.com/widget/countdown/5529669
Frame ID: A7BAC7733566883E48AF392B9235203B
Requests: 5 HTTP requests in this frame

Frame: https://www.youtube.com/embed/3HkOiY9OiRo
Frame ID: 1BA33F105B366A8469F60399BF3FCDD4
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EXJksnmgE8s
Frame ID: DE4B18A3ACBAE43330394B92D3B764E1
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo
Frame ID: ED690318BF4D7133B07D8F57128504BB
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSJMsnAAAAANZYYVYp-X8u-Yf6zH7EgNYLmXGh&co=aHR0cHM6Ly9iZWZvcmVpdHNuZXdzLmNvbTo0NDM.&hl=en&v=Jv8jlA-BQE5JD6rA-h_iqNH2&size=normal&anchor-ms=20000&execute-ms=15000&cb=na6nje77w9fa
Frame ID: 8502BBFA4CAFBC935FA9252AC461A9BF
Requests: 8 HTTP requests in this frame

Frame: data://truncated
Frame ID: DC45C8493361F39A255611F46050D29C
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.pgV-E-68K-A.L.W.O/am=AMA/d=0/rs=AN8SPfo2HeflihKMbfgwV84pq3lzEm8ziw/m=el_main_css
Frame ID: F8B152E23B6E4E70AD3DCFFAA50AE647
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Jv8jlA-BQE5JD6rA-h_iqNH2&k=6LeSJMsnAAAAANZYYVYp-X8u-Yf6zH7EgNYLmXGh&bft=0dAFcWeA4bRNp99Geww5aS6C-WaSIyUq14bTCaveEXXxCL20DUxT8rxT9xkSWor9KhXPe5MNesTyYQzWbePG7IJNsq__ycD5YNAg
Frame ID: E9153F6CF2EC5C6D0AE715FE8101D718
Requests: 4 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Frame ID: E6DAFDE29946B37D27155779E9F902A2
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 5EC0C35562FF4FF87D73AA18A8C86FA5
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: FC51622939244F55BDF0DF90ADEB16C8
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: E67D004BF5117D7F11728C42070971C0
Requests: 4 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=22&key=288cdc37-9226-4df9-8657-f69dcdb6ffcc
Frame ID: AE14D5DF445D24315CE444090F596CCB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161673&gdpr=0&gdpr_consent=&ccpa=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D1%26key%3D
Frame ID: 4F2B96AFC4BBB9164D4BE12319A867F1
Requests: 13 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=216&key=V7azTYtfDfN9wDoHOQxAFqB1y4kyLuNXKovm6skahdY&pi=xmgid&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 774052B7405E1F89B425637596E5616B
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D105%26pid%3D5ac2203f073ef46a6856c7b0%26key%3D
Frame ID: 4A9407CC39BAF0294D812CD80B0C5D44
Requests: 16 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=18&key=LdIfALZHok1ddZVoSvevfFGO
Frame ID: 1C2885569898E4306BF4D4B6A3F5C03E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 04348AE941FB62B4540CE235BC715572
Requests: 17 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=50&auid=1759739510429-172025073148-000637-009-003921&gdpr=0&gdpr_consent=&ccpa=1---&key=e00dbeccf828f7a9ddc8637eac690040
Frame ID: C9039676C1B74E650C15FDB326E77E5A
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=60&key=33299216-d67e-48a3-a7a3-dc1c4d3d19e3
Frame ID: 8E186E5D2E7BF5F1BC20885909249726
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=
Frame ID: B43B53E48E753587FE262F02DCFCB16E
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004
Frame ID: F0367DE908E78C63687A2A125A5D81BE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 4948C03A0BD4C4C9227C73E449B8A420
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&gdpr=0&gdpr_consent=
Frame ID: 5225BCAC517622441816DD45297389F0
Requests: 1 HTTP requests in this frame

Frame: https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: 083E6DE3C829C84EB945951D7C011DD6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:eb7268e3-7e79-4f00-a663-15c5b73c8cd1&gdpr=0&gdpr_consent=
Frame ID: 5BB83A99C964D8D436DE5562C198F2F5
Requests: 1 HTTP requests in this frame

Frame: https://pr-bh.ybp.yahoo.com/sync/pubmatic/3ABE60BE-71E4-4A27-B0F0-11068092B8A8?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: FD82770E35922E630F6C80AB2078AC08
Requests: 4 HTTP requests in this frame

Frame: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UdOn2HdE2uXwjjGIML6T.0Qp76_DMDY-~A&gdpr=0&us_privacy=
Frame ID: 0B4CBC89100F8D58B84A543319B41173
Requests: 1 HTTP requests in this frame

Frame: https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Frame ID: 78C0833C54C0A505515BE28C0097B441
Requests: 1 HTTP requests in this frame

Frame: https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Frame ID: 33516913D5E3230D8B69465475F0D329
Requests: 1 HTTP requests in this frame

Frame: https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Frame ID: 1B901B22CBFA0841488A96C036D2957E
Requests: 1 HTTP requests in this frame

Frame: https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Frame ID: 43EBAAB15A9970522093278CACD37E2F
Requests: 1 HTTP requests in this frame

Frame: https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Frame ID: 7467750F86C3574197679ADD6654AB31
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=1&key=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Frame ID: B8DE381BB860C5526B8E1381DB5AA544
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: E1756192A9301258B68F2B6F76667710
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9FD895749101B7BB9D1CBDB054A3D172
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: CF013F5C79F128FC8D7B2AB2960D4A5B
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B1CF1B6DBE9ABB769D4EE5C82B9550B7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: 575377B4A344CB5C04CC9823B73E06DA
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D002F819E70F2EEE4D053F276DD23213
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: 3E2B22B2EC9BBA9FABE3BDDCE12F8F21
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0ADD02FF55F06D31B3DA0ECD60568F53
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: AE4C6945378505E239707DEDEA6B4D73
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 844E697818AAC0255CA06568432AB8FE
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: EC64BB0124EDEEFE150D55C2DB6401CB
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E7F1682CA365CE0ACD99F80063C3F14C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: 9182013BF9AF3922AF9D9673AC3EAA82
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C7E8DAD4762D198B74A4E86937EA1A6B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: A9A6CEC96323EB57D8505797D90F2131
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2ACE2A764367D8D13DD903E80B1C80DC
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: 0DD6FE9440735646A7DFF9E18F08AEBB
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 037F0EE825AD7E41C5395E260849A7EC
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: D7D6261BC1E2F542426EBA8FF2A4E7CA
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D6A70FCD2A1226DC2C4386BA11B40700
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-JOrQxafWKVyFrqnEmE0GmcZOYU&gdpr=0&gdpr_consent=
Frame ID: 2146CAB6220A525314B8F56324CA57AE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=031d2cf6-7cc7-4a58-8f82-ed94d7696223&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 280FA0B57F6DC323989169DE62CA9142
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_consent=&_test=aON_ewAO2_JGKQBQ
Frame ID: B0AFAC6AF4B19C1F3AD30CEF523DED40
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&piggybackCookie=4810512241534797480
Frame ID: ABC6BB4BC8936C58FD43BA548CE5CC31
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vIRsxb3ZPpSnijrCvoskz-_dMZKn2GzGsou6U8ml
Frame ID: 55A7CD7B0E96A74B6AA8A881E9BBB8A6
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]&gdpr=0&gdpr_consent=
Frame ID: 4E5E53B811E8351DAF0C2C51D08FC1F6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQAKuxOSiOUOOAIMYHhIAQEBAQEBAQCYuacT2QEBAJi5pxPZ&expiration=1759825915&nuid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&gpp_sid=&gpp=&is_secure=true&us_privacy=&gdpr_consent=&gdpr=0
Frame ID: 4C99A61F5FBE5FBB12901BE55943A697
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw
Frame ID: 2A67B911A484F004D68A7CE5FA48D3A2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AV3Q8SHNNRNPks8AKONf9Vc3oM8AAAGZuKYSXA
Frame ID: E8C31FB7DABCCF32C9CDEBF3A6901D1B
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel&gdpr=0&gdpr_consent=
Frame ID: 5041EA8E19DB51A7AB2764C96EFBA2CB
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=1&key=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Frame ID: D3A389BC735DAA7CE7DBEB4C2DE62737
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: B72529D87E1DCDFD1EE09B16339990CE
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6596C723D7DD5397B724F4A0533570D0
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: 48CF909645E921D9EE483E1E6917BACD
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 623FA50C1136FC1F59F261B1BB26F65E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: 9132857235BCACACBC3FEE436C2D9256
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: BA35344025ACCF5B8CEB9E5BDAF9C493
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: B86A5C5B6F97A43F83873AA46A8F8056
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5DA358574B3E8774CEFF80D1BF64C443
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: DDAE3ED7AFD1FFCE95E0E083F1AA87BE
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: BBC4B48132C7820B4DB56F862FBA55DF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: A464CB8B65962D7A22C3557A910CEE7C
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D4BC5FED3666F3C90B404084BD667C70
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: 58B33B28B676733FDF66CAA856813411
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A4A44FBB23814965D717209409C0EBEB
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: B936F66E36AC0A9FA22D96E11381A70F
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E283B8CEF55BD25EB509C378DF9E5F21
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: 7B667F34CCD29F3D089CB64E9164141D
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5B3432B4F157AC0376AF4E5759FAAA72
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: F9BBBFB3E648754BB54E23B6FB0335D9
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CD71C75E4D2F7B3BA5A0D93A4134DE23
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: 9A7E81D3E9A8B0F1EBEBAA9A7706505E
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 541AEBE73ABF5FA96CD2B609390AC768
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: 39C305015DA09102FA539EF1EF6B398D
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9B68B8AE56CF2973B41F9128CDC69B61
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.723.0_en.html
Frame ID: FD1E4103C1D6C90658648E0EEB69509E
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 060C8C68B49BC76CB8F7646138E6E496
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Before It's News | People Powered News

Page URL History Show full URLs

  1. http://beforeitsnews.com/ HTTP 307
    https://beforeitsnews.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

537
Requests

79 %
HTTPS

0 %
IPv6

96
Domains

174
Subdomains

103
IPs

10
Countries

6471 kB
Transfer

43255 kB
Size

192
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://beforeitsnews.com/ HTTP 307
    https://beforeitsnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://beforeitsnews.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://beforeitsnews.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/16f9cd2f90a6/main.js
Request Chain 157
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 159
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 161
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 222
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 224
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0FCRTYwQkUtNzFFNC00QTI3LUIwRjAtMTEwNjgwOTJCOEE4&gdpr=0&gdpr_consent=&google_cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEELfR4kihAw5gxtvAaUC4y8&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENrthwBPhd_hknTPn-MzMx4&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://onetag-sys.com/match/?gdpr=0&gdpr_consent=&int_id=114&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Request Chain 225
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=f1bb9441-86b6-4c22-bc2c-76ae2da8993a
Request Chain 227
  • https://ad.360yield.com/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=665953&c=aa3c3ad3-f5cd-409c-b7c1-06fcba9bd4f9
Request Chain 228
  • https://ssbsync.smartadserver.com/api/sync?callerId=155&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834126%26c%3D%5Bsas_sync_pid%5D%26nwid%3D4577 HTTP 302
  • https://cm.mgid.com/m?cdsp=834126&c=7351158019067125747&nwid=4577
Request Chain 229
  • https://sync.adkernel.com/user-sync?zone=219216&t=image&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834154%26c%3D%7BUID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45708&callback_url=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D219216%26dsp%3D679288%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45708&callback_url=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D219216%26dsp%3D679288%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=-2859182635338343684 HTTP 302
  • https://sync.adkernel.com/user-sync?zone=219216&dsp=679288&t=image&uid=b58191c7-a671-5417-ac31-6353c4d21d25 HTTP 302
  • https://cm.mgid.com/m?cdsp=834154&c=A9142867819497020259
Request Chain 230
  • https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=V7azTYtfDfN9wDoHOQxAFqB1y4kyLuNXKovm6skahdY&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
Request Chain 231
  • https://cm.rtbsystem.com/mgid?c=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=&cd=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D556372%26c%3D%24%7BUSER%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=556372&c=ec0d339d-047a-5571-aa0b-c3f152293bf0
Request Chain 232
  • https://idsync.rlcdn.com/712107.gif?partner_uid=p96LtZgPtkv1& HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CKu7KxIYChQIARDDoQoaDHA5Nkx0WmdQdGt2MRAAGg0I9fyNxwYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=14435759fa97744b70d45a3166cc9674b99f170900432a6402dd6fdfb54a1bcd791426b5417dce21&_=2
Request Chain 233
  • https://match.360yield.com/match?external_user_id=p96LtZgPtkv1&publisher_dsp_id=489&dsp_callback=1&&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834124%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://match.360yield.com/ul_cb/match?external_user_id=p96LtZgPtkv1&publisher_dsp_id=489&dsp_callback=1&&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834124%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=834124&c=288cdc37-9226-4df9-8657-f69dcdb6ffcc
Request Chain 234
  • https://visitor-mgid.omnitagjs.com/visitor/bsync?uid=98ca793505bd269c5f409678d39eb6e5&name=mgid&url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834135%26c%3D%5BBUYER_ID%5D HTTP 307
  • https://cm.mgid.com/m?cdsp=834135&c=668353ff54d41da8e4176c1e58e5363e
Request Chain 235
  • https://cm.idealmedia.io/i.gif?muidf=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy= HTTP 307
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D3ABE60BE-71E4-4A27-B0F0-11068092B8A8 HTTP 302
  • https://cm.mgid.com/m?cdsp=712807&c=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Request Chain 236
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=1jfI3wDKNj&consentString=[consentString]&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834139%26c%3D%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=1jfI3wDKNj&consentString=[consentString]&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834139%26c%3D%5BPDID%5D&rd=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=834139&c=2c589af1-0c32-42da-b8d9-1zz1759739485
Request Chain 237
  • https://ib.adnxs.com/getuid?https://cm.mgid.com/m?cdsp=834104&c=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834104%26c%3D%24UID HTTP 302
  • https://cm.mgid.com/m?cdsp=834104&c=4252718363418789094
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=cDk2THRaZ1B0a3Yx&muidn=p96LtZgPtkv1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.mgid.com/google?muidn=p96LtZgPtkv1&gdpr=0&gdpr_consent=&google_ula={guid},5&google_gid=CAESEN74Jv_138RFjYtfrOrWDTs&google_cver=1
Request Chain 239
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D HTTP 302
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F1689%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D472e56d9-7f44-409b-9a75-c6212aa7bf54%26bidder%3Dopenx%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F1689%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D472e56d9-7f44-409b-9a75-c6212aa7bf54%26bidder%3Dopenx%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24%7BUID%7D&us_privacy=1---&ox_sc=1 HTTP 302
  • https://prebid.a-mo.net/cchain/0/1689?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=472e56d9-7f44-409b-9a75-c6212aa7bf54&bidder=openx&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=74e7ffea-3394-4a95-b1bb-09a7683f987e HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F1689%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D472e56d9-7f44-409b-9a75-c6212aa7bf54%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%23PMUID HTTP 302
  • https://prebid.a-mo.net/cchain/1/1689?A=472e56d9-7f44-409b-9a75-c6212aa7bf54&bidder=pubmatic&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&uid=&us_privacy=3ABE60BE-71E4-4A27-B0F0-11068092B8A8 HTTP 302
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F1689%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D472e56d9-7f44-409b-9a75-c6212aa7bf54%26bidder%3Damx_com%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D&A=472e56d9-7f44-409b-9a75-c6212aa7bf54&F=0 HTTP 302
  • https://prebid.a-mo.net/cchain/4/1689?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=472e56d9-7f44-409b-9a75-c6212aa7bf54&bidder=amx_com&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=472e56d9-7f44-409b-9a75-c6212aa7bf54 HTTP 302
  • https://ads.yieldmo.com/pbsync?is=adptmx&gdpr=0&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F1689%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D472e56d9-7f44-409b-9a75-c6212aa7bf54%26bidder%3Dyieldmo%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/5/1689?gpp=&gdpr_consent=&gpp_sid=&A=472e56d9-7f44-409b-9a75-c6212aa7bf54&bidder=yieldmo&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=xeh3tmm2z3mFFLwlFRyv&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F1689%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D1---%26A%3D472e56d9-7f44-409b-9a75-c6212aa7bf54%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/7/1689?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=1---&A=472e56d9-7f44-409b-9a75-c6212aa7bf54&bidder=adform&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=8998493743908912161 HTTP 302
  • https://cm.mgid.com/m?cdsp=779131&c=472e56d9-7f44-409b-9a75-c6212aa7bf54&us_privacy=1---&gdpr=0
Request Chain 240
  • https://b1sync.zemanta.com/usersync/mgid/?puid=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834142%26c%3D%7Buser_id%7D HTTP 302
  • https://b1sync.outbrain.com/usersync/mgid/?cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834142%26c%3D%7Buser_id%7D&gdpr=0&gdpr_consent=&puid=p96LtZgPtkv1&s=2&us_privacy= HTTP 302
  • https://b1sync.zemanta.com/usersync/mgid/?cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834142%26c%3D%7Buser_id%7D&gdpr=0&gdpr_consent=&obuid=701551d4-68d4-4860-bcec-b83510c4d54e&puid=p96LtZgPtkv1&s=2&us_privacy= HTTP 302
  • https://cm.mgid.com/m?cdsp=834142&c={user_id}&gdpr=0
Request Chain 244
  • https://analytics.google.com/g/collect?v=2&tid=G-X6HC1RQLPR&gtm=45je5a11h1v9134588528za200&_p=1759739506608&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&ul=en-au&sr=1600x1200&cid=1826738370.1759739509&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115497442~115834636~115834638&dl=https%3A%2F%2Fbeforeitsnews.com%2F&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sid=1759739509&sct=1&seg=0&_tu=wAQ&en=page_view&_fv=2&_ss=2&_c=1&_ee=1&tfd=4035 HTTP 302
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1826738370.1759739509&dbk=6527909806820550443&dma=0&en=page_view&gtm=45je5a11h1v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl=https%3A%2F%2Fbeforeitsnews.com%3F
Request Chain 246
  • https://analytics.google.com/g/collect?v=2&tid=G-X6HC1RQLPR&gtm=45je5a11h1v9134588528za200&_p=1759739506608&gcd=13l3l3l3l2l1&npa=0&dma=0&ul=en-au&sr=1600x1200&cid=1826738370.1759739509&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAIAAQ&_s=2&tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115497442~115834636~115834638&dl=https%3A%2F%2Fbeforeitsnews.com%2F&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sid=1759739509&sct=1&seg=1&_tu=wAQ&en=page_view&_c=1&_ee=1&_et=30&tfd=4066 HTTP 302
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1826738370.1759739509&dbk=6355778885062274521&dma=0&en=page_view&gtm=45je5a11h1v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl=https%3A%2F%2Fbeforeitsnews.com%3F
Request Chain 247
  • https://analytics.google.com/g/collect?v=2&tid=G-X6HC1RQLPR&gtm=45je5a11h1v9134588528za200&_p=1759739506608&gcd=13l3l3l3l2l1&npa=0&dma=0&ul=en-au&sr=1600x1200&cid=1826738370.1759739509&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAIAAQ&_s=3&tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115497442~115834636~115834638&dl=https%3A%2F%2Fbeforeitsnews.com%2F&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sid=1759739509&sct=1&seg=1&_tu=wAQ&en=page_view&_c=1&_ee=1&_et=1&tfd=4068 HTTP 302
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1826738370.1759739509&dbk=13975764842682739195&dma=0&en=page_view&gtm=45je5a11h1v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl=https%3A%2F%2Fbeforeitsnews.com%3F
Request Chain 254
  • https://rtb.mfadsrvr.com/sync?ssp=onetag&ssp_user_id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=onetag&ssp_user_id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws&gdpr=0&gdpr_consent=
Request Chain 255
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26uid%3D$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526uid%253D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=98&uid=9028509663433934310&gdpr=0&gdpr_consent=
Request Chain 256
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=MGEVGWP3-1L-5TQR&gdpr=0
Request Chain 257
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=c4945c484d931f4cabdc7bb9629df&gdpr_consent=&gdpr=0
Request Chain 260
  • https://t.adx.opera.com/pub/sync?pubid=pub10101531197440&gdpr=0&gdpr_consent= HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=1e983b85b2087d96&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub10101531197440 HTTP 302
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub10101531197440 HTTP 302
  • https://onetag-sys.com/match/?int_id=168&gdpr=&gdpr_consent=${GDPR_STRING}&uid=OPU31ce1bc52397483c8f943a2ad86c149f
Request Chain 261
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABmbil_BWggG5jxWpENFuTkpPv3hX61kFhwQ&gdpr=0&gdpr_consent=
Request Chain 262
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=7930571879214128986
Request Chain 263
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws
Request Chain 264
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://onetag-sys.com/match/?gdpr=0&gdpr_consent=&int_id=114&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&gdpr=0&gdpr_consent=&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&gdpr=0&gdpr_consent=&google_cm=&google_tc= HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFQGg09PlP4-a0RRcy71LnE&google_cver=1&gdpr=0&gdpr_consent=
Request Chain 266
  • https://sync.1rx.io/usersync2/rmpssp?sub=onetaglimited&gdpr=0&gdpr_consent=${GDPR_CONSENT}&us_privacy= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=onetaglimited&zcc=1&cb=1759739510468 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&id=RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004&rndcb=1454894583 HTTP 302
  • https://sync.1rx.io/usersync/turn/2445597090289635068?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004
Request Chain 268
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=&user_id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=&user_id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=031d2cf6-7cc7-4a58-8f82-ed94d7696223&google_hm=MDMxZDJjZjYtN2NjNy00YTU4LThmODItZWQ5NGQ3Njk2MjIz&gdpr_consent=&gdpr=0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGEOnFfr6m6Qr9f8A4cFzsI&google_cver=1&ssp=onetag&bsw_param=031d2cf6-7cc7-4a58-8f82-ed94d7696223&gdpr_consent=&gdpr=0 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=031d2cf6-7cc7-4a58-8f82-ed94d7696223&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 277
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=MGEVGWBS-1D-8YAE HTTP 302
  • https://cm.mgid.com/m?cdsp=43070&c=MGEVGWBS-1D-8YAE&gdpr=0
Request Chain 280
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 281
  • https://ad.360yield.com/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=22&key=288cdc37-9226-4df9-8657-f69dcdb6ffcc
Request Chain 283
  • https://creativecdn.com/cm-notify?pi=xmgid&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=216&key=V7azTYtfDfN9wDoHOQxAFqB1y4kyLuNXKovm6skahdY&pi=xmgid&gdpr=0&gdpr_consent=&ccpa=1---
Request Chain 285
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D18%26key%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D18%26key%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=18&key=LdIfALZHok1ddZVoSvevfFGO
Request Chain 287
  • https://visitor-ow.omnitagjs.com/visitor/bsync?uid=ee7f7070fcde32ab0ae4be25799fd7f5&url=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fbiddername%3D50%26auid%3D1759739510429-172025073148-000637-009-003921%26gdpr%3D0%26gdpr_consent%3D%26ccpa%3D1---%26key%3DPARTNER_USER_ID HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?biddername=50&auid=1759739510429-172025073148-000637-009-003921&gdpr=0&gdpr_consent=&ccpa=1---&key=e00dbeccf828f7a9ddc8637eac690040
Request Chain 288
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D60%26key%3D%5BUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=60&key=33299216-d67e-48a3-a7a3-dc1c4d3d19e3
Request Chain 290
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview HTTP 302
  • https://ad.turn.com/r/cs?pid=45&id=RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004&rndcb=4537855491 HTTP 302
  • https://sync.1rx.io/usersync/turn/4015443907586217023?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004
Request Chain 294
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzVmMzZlMjIzNzk2ZDg1OTQ4MjI3NmMxY2UzMTZkYzg3Y2EzMjRlMg&gdpr=0
Request Chain 295
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
Request Chain 296
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/XL5ixXusBCe37ZdDaHcpvcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-M1XGrO5E2oKgAQ1ieY33f4A9U23EdZIRLJbrgw--~A
Request Chain 297
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TUdFVkdXQlMtMUQtOFlBRQ==&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEFEKh7x85J2ZfR7QLmTDxaY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUdFVkdXQlMtMUQtOFlBRQ==&google_push=&gdpr=0
Request Chain 298
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=MGEVGWBS-1D-8YAE&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 299
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=69782438-64d8-4384-96fe-f062306c17ab&gdpr=0&gdpr_consent=&expires=30
Request Chain 300
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MGEVGWBS-1D-8YAE&gdpr=0
Request Chain 301
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELb5ZE2FNH_oIqCbB6Wlo2s&google_cver=1
Request Chain 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
Request Chain 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACvM07Rxv0AABwwvRinEQ&expires=30&gdpr=0
Request Chain 304
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0 HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=MGEVGWBS-1D-8YAE&gdpr=0
Request Chain 305
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=MGEVGWBS-1D-8YAE&gdpr=0
Request Chain 306
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=0cdd98cc-b26e-4dd5-95c0-3b00b4eac401&expires=30&gdpr=0
Request Chain 307
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0 HTTP 302
  • https://sync.a-mo.net/setuid/magnite?uid=MGEVGWBS-1D-8YAE&gdpr=0
Request Chain 308
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=MGEVGWBS-1D-8YAE&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MGEVGWBS-1D-8YAE HTTP 302
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MGEVGWBS-1D-8YAE&ckls=true&ci=r1adESHKWN&nc=false&trid=-834163135
Request Chain 309
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=MGEVGWBS-1D-8YAE&gdpr=0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=MGEVGWBS-1D-8YAE&gdpr=0
Request Chain 314
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26uid%3D$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526uid%253D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=98&uid=8895045668973197676&gdpr=0&gdpr_consent=
Request Chain 315
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=MGEVGWBS-1D-8YAE&gdpr=0
Request Chain 317
  • https://t.adx.opera.com/pub/sync?pubid=pub10101531197440&gdpr=0&gdpr_consent= HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=1e983b85b2087d96&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub10101531197440 HTTP 302
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub10101531197440 HTTP 302
  • https://onetag-sys.com/match/?int_id=168&gdpr=&gdpr_consent=${GDPR_STRING}&uid=OPU31ce1bc52397483c8f943a2ad86c149f
Request Chain 318
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABmbimABPKycVcRKs6Gbp-o6cfJFQeFOZ8PA&gdpr=0&gdpr_consent=
Request Chain 319
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws
Request Chain 321
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=&user_id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Donetag%26bsw_param%3D%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=a88504ba173849af845a6d0d2d02d4c9&ssp=onetag&bsw_param=&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=031d2cf6-7cc7-4a58-8f82-ed94d7696223&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 322
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=c4945c484d931f4cabdc7bb9629df&gdpr_consent=&gdpr=0
Request Chain 324
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=7930571879214128986
Request Chain 325
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1---&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Or5gvnHkSiew8BEGgJK4qA%3D%3D&gdpr=0&gdpr_consent=&google_cm HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESEOQ3FD892wvbZM8sl3VfnNc&google_cver=1
Request Chain 326
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&gdpr=0&gdpr_consent=&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFQGg09PlP4-a0RRcy71LnE&google_cver=1&gdpr=0&gdpr_consent=
Request Chain 327
  • https://sync.1rx.io/usersync2/rmpssp?sub=onetaglimited&gdpr=0&gdpr_consent=${GDPR_CONSENT}&us_privacy=1--- HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004?redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D212%26uid%3DRX-9d09463d-379a-4bdc-9559-b835ffb715f3-004%26us_privacy%3D1--- HTTP 302
  • https://onetag-sys.com/match/?int_id=212&uid=RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004&us_privacy=1---
Request Chain 332
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&khaos=MGEVGWBS-1D-8YAE HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=MGEVGWBS-1D-8YAE
Request Chain 353
  • https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=288cdc37-9226-4df9-8657-f69dcdb6ffcc&publisher_dsp_id=42&publisher_call_type=redirect&publisher_redirecturl=https://ap-ice.360yield.com/match HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=288cdc37-9226-4df9-8657-f69dcdb6ffcc&publisher_dsp_id=42&publisher_call_type=redirect&publisher_redirecturl=https://ap-ice.360yield.com/match HTTP 302
  • https://ap-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1760949113&external_user_id=8998493743908912161
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&google_hm=Mjg4Y2RjMzctOTIyNi00ZGY5LTg2NTctZjY5ZGNkYjZmZmNj&dsp_callback=0 HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEFgHtChO_9AvHxkW-4gu3KQ&google_cver=1
Request Chain 356
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=288cdc37-9226-4df9-8657-f69dcdb6ffcc&publisher_dsp_id=167&publisher_call_type=redirect&publisher_redirecturl=https://ap-ice.360yield.com/match HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=69782438-64d8-4384-96fe-f062306c17ab&gdpr=0&gdpr_consent=
Request Chain 357
  • https://pr-bh.ybp.yahoo.com/sync/improvedigital/288cdc37-9226-4df9-8657-f69dcdb6ffcc HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=179&external_user_id=y-.WWIMKNE2pnJr4a5Q3CaR2dyept12sSgVjQ4BFFqW0dl29k-~A
Request Chain 359
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&gdpr=0&gdpr_consent=
Request Chain 361
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:eb7268e3-7e79-4f00-a663-15c5b73c8cd1&gdpr=0&gdpr_consent=
Request Chain 363
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&redir=true&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&redir=true&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UdOn2HdE2uXwjjGIML6T.0Qp76_DMDY-~A&gdpr=0&us_privacy=
Request Chain 364
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9028509663433934310&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Request Chain 365
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2445597090289635068&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Request Chain 366
  • https://cm.ambientdsp.com/cm/send?vc=pmj&gdpr=0&gdpr_consent= HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=1awmsh57t72c HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Request Chain 367
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912&gdpr=0&gdpr_consent= HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=1e983b85b2087d96&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub8730968190912 HTTP 302
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU31ce1bc52397483c8f943a2ad86c149f HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Request Chain 368
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=V7azTYtfDfN9wDoHOQxAFqB1y4kyLuNXKovm6skahdY&pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Request Chain 370
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=19566&dpuuid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Request Chain 371
  • https://idsync.rlcdn.com/420486.gif?partner_uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=18ff0f43-474c-4f1c-854e-4941d0ff3b2b
Request Chain 372
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://sg.semasio.net/sync/1/15927723?&gdpr=0&gdpr_consent=&sInitiator=external&sExtCookieId=3ABE60BE-71E4-4A27-B0F0-11068092B8A8 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=69782438-64d8-4384-96fe-f062306c17ab HTTP 302
  • https://sg.semasio.net/sync/1/32675800?&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=69782438-64d8-4384-96fe-f062306c17ab HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsa.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= HTTP 302
  • https://sa.semasio.net/sync/1/4354957?sExtCookieId=9028509663433934310&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
  • https://track.adform.net/serving/cookie/match/?party=1008&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=8998493743908912161&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
  • https://sg.semasio.net/sync/1/16266044?sExtCookieId=8998493743908912161&gdpr=0&gdpr_consent=&sInitiator=internal HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=semasio HTTP 302
  • https://sg.semasio.net/sync/1/30805874?$sType=sync&sInitiator=internal&sExtCookieId=-JOrQxafWKVyFrqnEmE0GmcZOYU&gdpr=&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsa.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= HTTP 302
  • https://sa.semasio.net/sync/1/4354957?sExtCookieId=9028509663433934310&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.mathtag.com/sync/img?mt_exid=10041&redir=https%3A%2F%2Fsa.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= HTTP 302
  • https://sa.semasio.net/sync/1/14876172?sExtCookieId=eb7268e3-7e79-4f00-a663-15c5b73c8cd1&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
  • https://track.adform.net/serving/cookie/match/?party=1008&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=4810512241534797480&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
  • https://sg.semasio.net/sync/1/16266044?sExtCookieId=4810512241534797480&gdpr=0&gdpr_consent=&sInitiator=internal HTTP 302
  • https://pixel.mathtag.com/sync/img?mt_exid=10041&redir=https%3A%2F%2Fsa.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=
Request Chain 373
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=69782438-64d8-4384-96fe-f062306c17ab&gdpr=0&gdpr_consent=
Request Chain 374
  • https://match.sharethrough.com/universal/v1?supply_id=a6a34444&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D2ef8b3b4-66c6-41f1-bfc4-2546cf36b680%26bidder%3Dsharethrough%26uid%3D HTTP 302
  • https://sync.a-mo.net/setuid/sharethrough?uid=904af894-149a-4497-8578-b247d7a2a5ad&gdpr=0
Request Chain 375
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.a-mo.net/setuid/magnite?uid=MGEVGWBS-1D-8YAE&gdpr=0
Request Chain 377
  • https://ads.yieldmo.com/pbsync?is=adptmx&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D2ef8b3b4-66c6-41f1-bfc4-2546cf36b680%26bidder%3Dyieldmo%26uid%3D%24UID HTTP 302
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=yieldmo&uid=xeh8tmm2z3msCMV1NJb9&gdpr=0&gdpr_consent=
Request Chain 378
  • https://id.a-mx.com/u?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D2ef8b3b4-66c6-41f1-bfc4-2546cf36b680%26bidder%3Damx_com%26uid%3D&A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&F=0 HTTP 302
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=amx_com&uid=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680
Request Chain 379
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D2ef8b3b4-66c6-41f1-bfc4-2546cf36b680%26bidder%3Dpubmatic%26uid%3D%23PMUID HTTP 302
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Request Chain 380
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D2ef8b3b4-66c6-41f1-bfc4-2546cf36b680%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=appnexus&uid=9028509663433934310
Request Chain 381
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D2ef8b3b4-66c6-41f1-bfc4-2546cf36b680%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=sovrn&uid=LdIfALZHok1ddZVoSvevfFGO
Request Chain 382
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D2ef8b3b4-66c6-41f1-bfc4-2546cf36b680%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=openx&uid=74e7ffea-3394-4a95-b1bb-09a7683f987e
Request Chain 398
  • https://id5-sync.com/i/231/8.gif?o=api&id5id=ID5*Wypy_d1L83VFpfJ0Hfvpi_XzSd9azaqFXROZAT3QXP___2jjfnhaAAEBCmjjfnYAUubzWGFqw6CIbXE52m_fJA&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/231/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/231/2/7/2.gif?puid=9028509663433934310&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F10%2F6%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/231/10/6/3.gif?puid=4810512241534797480&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F112%2F5%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/231/112/5/4.gif?puid=C5F365D52BFEDA44&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=69782438-64d8-4384-96fe-f062306c17ab&ttl=%%TTL%% HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F108%2F3%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/231/108/3/6.gif?puid=4121c873-0399-4f84-ba3d-49563059d8a2&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AACvM07Rxv0AABwwvRinEQ&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://token.rubiconproject.com/token?pid=49266&puid=ID5-5f11swewuSvpsbhzt6pHm78KEzSB6UkzX9rNU5wfMw&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/285.gif?puid=MGEVGWBS-1D-8YAE&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=QzVGMzY1RDUyQkZFREE0NA%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-5f11swewuSvpsbhzt6pHm78KEzSB6UkzX9rNU5wfMw HTTP 302
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEFhx1WDqnZExmecvlF3oSE0&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-5f11swewuSvpsbhzt6pHm78KEzSB6UkzX9rNU5wfMw&google_cver=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
Request Chain 442
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-JOrQxafWKVyFrqnEmE0GmcZOYU&gdpr=0&gdpr_consent=
Request Chain 443
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=031d2cf6-7cc7-4a58-8f82-ed94d7696223 HTTP 302
  • https://pool.liftdsp.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=031d2cf6-7cc7-4a58-8f82-ed94d7696223 HTTP 302
  • https://pool.liftdsp.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=031d2cf6-7cc7-4a58-8f82-ed94d7696223 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=b188a2a9-a63f-4719-8d80-67300fd3d1f7&user_group=1&ssp=pubmatic&bsw_param=031d2cf6-7cc7-4a58-8f82-ed94d7696223 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=031d2cf6-7cc7-4a58-8f82-ed94d7696223&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 444
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_consent=&_test=aON_ewAO2_JGKQBQ
Request Chain 445
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&piggybackCookie=4810512241534797480
Request Chain 446
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&__qcmcs=1 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vIRsxb3ZPpSnijrCvoskz-_dMZKn2GzGsou6U8ml
Request Chain 448
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2a8ef6ccfa6e1ee8&is_secure=true&networkId=17100&version=1&nuid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQAKuxOSiOUOOAIMYHhIAQEBAQEBAQCYuacT2QEBAJi5pxPZ&expiration=1759825915&nuid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&gpp_sid=&gpp=&is_secure=true&us_privacy=&gdpr_consent=&gdpr=0
Request Chain 449
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=$TF_USER_ID_ENC$&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=$TF_USER_ID_ENC$&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&u=${PUBMATIC_UID} HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw
Request Chain 450
  • https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://cr-p10.ladsp.com/cookiesender/10?cr=true&https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AV3Q8SHNNRNPks8AKONf9Vc3oM8AAAGZuKYSXA
Request Chain 453
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&gdpr=0&gdpr_consent=&ct=y
Request Chain 454
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=3ABE60BE-71E4-4A27-B0F0-11068092B8A8 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4121c873-0399-4f84-ba3d-49563059d8a2%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=69782438-64d8-4384-96fe-f062306c17ab&ttd_puid=4121c873-0399-4f84-ba3d-49563059d8a2%2C%2C

537 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
beforeitsnews.com/
Redirect Chain
  • http://beforeitsnews.com/
  • https://beforeitsnews.com/
88 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a09c5f1991bd0fbeeccb0aaf7ff08803639b1dc4099d8dfb1f9cd731b73a79c0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
access-control-allow-origin
*
access-control-max-age
3628800
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
98a3cde51f23ed74-ADL
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Mon, 06 Oct 2025 08:31:45 GMT
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=tKvNs3GKt8eJB5Oj%2BismCdkiNUlGsSh9it53yMefdXpBUNTWVSeXDxlFTdJRd6bqVq4lYUCf3JepLR4KZCa3zJ4ZDZ0C7366Z4zZ5EDjFw%3D%3D"}]}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://beforeitsnews.com/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f10.1e100.net
Software
ESF /
Resource Hash
fd2bcbf0096ded65653068d30795ca71e29e0922f562c9e4b3cc916e22fa7c08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 08:31:46 GMT
alt-svc
h3=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 06 Oct 2025 08:31:46 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
global-bin-rev-202509301.css
beforeitsnews.com/static/css-v3/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/static/css-v3/global-bin-rev-202509301.css
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eb7697cea0804b3403875cfc965e277603ce219c3a26813d1645cec236e7107
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"68c15a71-45f4"
age
517923
x-accel-buffering
yes
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=FglzjNg1WzZcmMvuFdX%2BX3EFyc%2FHlqnj9gM6L0ar5kzBNhFmTc8z4Ps%2FFStOSMF%2FQdpenZmdnLD1M62Wb6kW7c6PlgmX4xkCvdR5V9EDJA%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 07 Oct 2025 08:35:02 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:45 GMT
content-type
text/css
last-modified
Wed, 10 Sep 2025 11:01:05 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
private, max-age=31536000, must-revalidate
cf-ray
98a3cde78f6aed74-ADL
access-control-allow-origin
*
server
cloudflare
fancybox-bin-rev-202509301.css
beforeitsnews.com/static/css-v3/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/static/css-v3/fancybox-bin-rev-202509301.css
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b21fd04aad89a54b03408155906f1cd1b363cb16cf0753504b18e996d8a6662
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"68c15a71-1f5d"
age
517923
x-accel-buffering
yes
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=dxk11YOsFfT3HaUi3f2eUFpZkzqBMl8%2BIBA3VYzJqKEzANG%2Bh2LNNrzc9vZ0l4jM3tNPv2p7JT7IrWx0GLWbY9DbqeihPbEJeKuXU3HDBQ%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 07 Oct 2025 08:35:03 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:45 GMT
content-type
text/css
last-modified
Wed, 10 Sep 2025 11:01:05 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
private, max-age=31536000, must-revalidate
cf-ray
98a3cde78f6bed74-ADL
access-control-allow-origin
*
server
cloudflare
home-bin-rev-202509301.css
beforeitsnews.com/static/css-v3/ 		29 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/static/css-v3/home-bin-rev-202509301.css
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8eba4f3201766e1cfce9bdca8a101fbd07e4ee321c024c9cd641f883ee201c9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"68c15a71-72aa"
age
513480
x-accel-buffering
yes
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ZUdOlU2pDuh4IsjQ%2FDdxzKzaHSplM%2FpGlidtG8LpPxyEhk8pGcdgQJMKHf4Bxx47cPZ4GMxtHQ7UqgNqST5iaV2ef4CRLUE2Sbmj7vHNCw%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 07 Oct 2025 08:35:11 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:45 GMT
content-type
text/css
last-modified
Wed, 10 Sep 2025 11:01:05 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde78f6ced74-ADL
access-control-allow-origin
*
server
cloudflare
responsive-bin-rev-202509301.css
beforeitsnews.com/static/css-v3/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/static/css-v3/responsive-bin-rev-202509301.css
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
060099587cd01312dbba7402beac58069384d4418b1cfa4fb47329d907061078
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"68c15a71-5238"
age
517923
x-accel-buffering
yes
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vQQ3YJPPTsb5YhuqgPUj8pjbN7Fl1E0JWXus3L7nsOiw3u58zF%2FL1ZdATwqNvqqETpDgIg%2F4i3taTmNcZnCzNA5UPFilbxqw%2BgyOfRdDNA%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 07 Oct 2025 08:35:06 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:45 GMT
content-type
text/css
last-modified
Wed, 10 Sep 2025 11:01:05 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde78f6eed74-ADL
access-control-allow-origin
*
server
cloudflare
web-responsive-bin-rev-202509301.css
beforeitsnews.com/static/css-v3/ 		371 B
873 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/static/css-v3/web-responsive-bin-rev-202509301.css
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2acaf1bba6c8ad15cb88acebd579e79f8ca46d79698820f16facd2c42822619
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"68c15a71-173"
age
517923
x-accel-buffering
yes
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=22HF4BmFkei0I6lRsy%2B030%2FCglry4lHoP86Jty3T7lxY1n7zJMYIe3J3m7coINA9y4U%2FygQ9K%2Fd2tdGvehGclpNGBJ7hGJZ6kLqxwxtPmw%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 07 Oct 2025 08:35:02 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:45 GMT
content-type
text/css
last-modified
Wed, 10 Sep 2025 11:01:05 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
private, max-age=31536000, must-revalidate
cf-ray
98a3cde78f6ded74-ADL
access-control-allow-origin
*
server
cloudflare
jquery-1.8.3.min.js
beforeitsnews.com/static/js-v3/ 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/static/js-v3/jquery-1.8.3.min.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65f58055-16dc4"
age
724716
x-accel-buffering
yes
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=q%2F%2FxJCYCn80%2Fs65BcTgKKuTOsAr0k0LpHtjthemsOMdoHYWjSJ%2BZSS0qc6NuwzwXSUd%2FKWecZfq1dbZlnub88kvaBWhXDQ4N%2BLWn1rS37A%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Mon, 29 Sep 2025 01:47:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:45 GMT
content-type
application/javascript
last-modified
Sat, 16 Mar 2024 11:19:49 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde78f6fed74-ADL
access-control-allow-origin
*
server
cloudflare
jquery.fancybox-1.3.4.pack.js
beforeitsnews.com/static/js-v3/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/static/js-v3/jquery.fancybox-1.3.4.pack.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d84bac3710c2842dc8d5d5ae6e324007443cbd8ae26b909dd89bc2bdc31c8561
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65f58055-3d08"
age
983594
x-accel-buffering
yes
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=gIQQP98fIXHiwObyWaFIWPU3FaWiwSgh8g7TDSRSOWzYhQFoo%2FPS70j7mnzT6ey7ezwhb%2BsiuqF09wI98BpzHSyTOkRkFqzR8CS82cf3Rg%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Wed, 01 Oct 2025 20:05:54 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:45 GMT
content-type
application/javascript
last-modified
Sat, 16 Mar 2024 11:19:49 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde78f70ed74-ADL
access-control-allow-origin
*
server
cloudflare
mobiledetect.js
beforeitsnews.com/static/js-v3/ 		37 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/static/js-v3/mobiledetect.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2f9e0947548f2752307d588937e0791ddbb12763fb5bc39097a874df19386e8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65f49ada-92e9"
age
983595
x-accel-buffering
yes
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=f65vQwC0ePBNJLLec19Tn4ZqsQiTZDG1eL6Cs1boh%2BrcJHdQsCg%2FJpFGoX%2BiYb5qBJpqttx7Af41HC9kg08vbug9HOzhe5RaKHgevj2lYA%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Wed, 01 Oct 2025 20:05:54 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:45 GMT
content-type
application/javascript
last-modified
Fri, 15 Mar 2024 19:00:42 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde78f71ed74-ADL
access-control-allow-origin
*
server
cloudflare
node-uuid.js
beforeitsnews.com/static/js-v3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/static/js-v3/node-uuid.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0350f6d6fc2942181daf38ad8263cbe9d79b2386b8c31ef1c1c17a57b48bd85
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65f58055-a10"
age
983595
x-accel-buffering
yes
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=AgMkHowLiDRarnA8LvItWoVYhIceuTteY94dfiGMNwBcKBVVyDcKF3YxxKroQc%2FDE%2F8zBUq4HwbgHkr6LVYY6suL8Nxq1CtnryiUOw%2BDIA%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Wed, 01 Oct 2025 15:36:16 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:45 GMT
content-type
application/javascript
last-modified
Sat, 16 Mar 2024 11:19:49 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde78f72ed74-ADL
access-control-allow-origin
*
server
cloudflare
global-bin-rev-202509301.js
beforeitsnews.com/static/js-v3/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/static/js-v3/global-bin-rev-202509301.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61145a610771746ee51df17b3f833b1ecb7943ec6c54911dc32b7c21d522d582
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"68c15a40-360e"
age
517923
x-accel-buffering
yes
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=76CE7mtnzHyxOap3838JCwBIWSZIrMEwms%2BNHWEbL2nZKnXCV9x2ODq8ocSYEtaCGnVWN5zJOnQ2wQS%2BAmI6U8usjAlrgQ4MKuDw7E%2BX2Q%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 07 Oct 2025 08:34:44 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:45 GMT
content-type
application/javascript
last-modified
Wed, 10 Sep 2025 11:00:16 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde78f74ed74-ADL
access-control-allow-origin
*
server
cloudflare
310742.js
jsc.mgid.com/site/ 		1 MB
242 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/site/310742.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9257f952047afd05130a7d6dd848cf80902b3080b73f52576cd0b597653b03c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

x-robots-tag
noindex
access-control-expose-headers
X-cntry
content-encoding
gzip
cf-cache-status
HIT
etag
"6486af94bda3ad1525a7323bcd115355"
x-amz-version-id
yaBJhekPlcl2RKOoBaejmpcd.A.im2Z7
age
6543
expires
Mon, 06 Oct 2025 11:31:45 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:45 GMT
content-type
text/javascript
last-modified
Thu, 02 Oct 2025 14:02:09 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
Wel3WG2MeVDirSZDCWGqwOTNYsf6oTn6FdN/R8LNGxAlN99UZBcoXbEcRscwlyCeJa+OI+hPF1UnV6otm/mtrZhl+/yMzpSp
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=10800
x-cntry
AU
cf-ray
98a3cde81bf8ed6c-ADL
x-amz-request-id
SQ84N0HA11VSJVRX
accept-ranges
bytes
access-control-allow-origin
*
content-length
246963
server
cloudflare
x-amz-server-side-encryption
AES256
top-logo.png
beforeitsnews.com/img/v3/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/img/v3/top-logo.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca601ccb4b804e78f547d0451200b8cf3f9ac3a88b11ff0fff17b1432226915
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"5fe55cb2-8ab"
age
211602
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=oSlzCopdh7A2YZv63qEHV1SdLXkhn6XHg%2F%2F2729Xvsfe9FvH9miM%2Bx96r14CTyjkz5%2B%2Bd5pBCjjztJNDwYSGQUaya8rAPTHRjq6g%2BUUm7Q%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Thu, 24 Sep 2026 15:36:16 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:45 GMT
content-type
image/png
vary
accept-encoding
last-modified
Fri, 25 Dec 2020 03:29:54 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde78f73ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
2219
server
cloudflare
embed-widget-ticker-tape.js
s3.tradingview.com/external-embedding/ 		0
0
loading.gif
beforeitsnews.com/img/v3/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/img/v3/loading.gif
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
354d5352d22dea06f2e3cf1add1b456f8a1ca5b4d0a6b36ee859ac606d2c90eb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"5fe55cb2-95e7"
age
725077
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2FRYIWD%2BOxJwFIGy1V2L8%2FFfTyKwcyEEZIj8PBgeIZ%2BVpHvKcP1XRV0yha8QcliyLS2sOYiwsjul3YOMiyGc9QF4LtdJdvrmj3IoVhV3Xgg%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Thu, 24 Sep 2026 20:08:01 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:45 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Fri, 25 Dec 2020 03:29:54 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde78f75ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
38375
server
cloudflare
ads.png
beforeitsnews.com/img/v3/ 		95 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/img/v3/ads.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"5fe55cb2-5f"
age
983596
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=tijhLgmlTCSNL1tjkTGzNrAHwFD%2BHFkJX%2FAMnQz9k1gLNBQrXI7aDvQlsWUM1OzV%2BRE4wlSGjUON0ZdHq%2BjoRMudqnuJOVyeE7KeYmPSiw%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Thu, 24 Sep 2026 20:08:45 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/png
vary
accept-encoding
last-modified
Fri, 25 Dec 2020 03:29:54 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
private, max-age=31536000, must-revalidate
cf-ray
98a3cde9ef8ced74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
95
server
cloudflare
hqdefault.jpg
i.ytimg.com/vi/tRjHeq6lVqM/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/tRjHeq6lVqM/hqdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.246 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f22.1e100.net
Software
sffe /
Resource Hash
de9bd13746725502fb8a46cbec80282bbc9728c5182465e144a2d0b0685816a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

etag
"0"
age
126
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 10:29:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:29:40 GMT
content-type
image/jpeg
cache-control
public, max-age=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
17283
x-xss-protection
0
server
sffe
loading.gif
beforeitsnews.com/images/misc/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/images/misc/loading.gif
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25a0be082d625832631400bfb4541a565d989ca1d86809c640412bfc9a224c83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"5fe55cb2-698"
age
983596
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=nA%2FcTkDyVrxFKwiiDzoWL1ejO3L7LRE84OkkZ13dyFkA60rhCuxOLqGbte2QIjxVInR0Obnbd7dvSjQc9WfLItrkq9MjKjnt35txOEatAw%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 22 Sep 2026 01:47:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Fri, 25 Dec 2020 03:29:54 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde9ff8eed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
1688
server
cloudflare
tabs-bin-rev-202509301.js
beforeitsnews.com/static/js-v3/ 		189 B
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/static/js-v3/tabs-bin-rev-202509301.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
335fa63197718a5840adef5761fc5c67b9fb4274798aa53b60cfdc4d4b2043a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"68c15a4e-bd"
age
517922
x-accel-buffering
yes
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=qwjjvoPfW4zAY%2BVVlg1XwcZQpdwp%2BUU3QO5C0QrHpoP1OYXdeuwIE4ZFQiwrcMxKdZKHKbCssW5jm65xvDy%2BaT7Skp5iQkEoIFCN9uDqKg%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 07 Oct 2025 08:34:44 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:45 GMT
content-type
application/javascript
last-modified
Wed, 10 Sep 2025 11:00:30 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde86f7eed74-ADL
access-control-allow-origin
*
server
cloudflare
badge.js
cdn.sucuri.net/badge/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sucuri.net/badge/badge.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.16 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10016.sucuri.net
Software
Sucuri/Cloudproxy /
Resource Hash
2a116fbb01adc832de9e40d83751f068237ee3a4f6f5637e60afa0bd012b4f50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

x-sucuri-cache
HIT
x-sucuri-id
18012
cache-control
max-age=315360000
content-encoding
gzip
x-amz-version-id
MK7qGvItlYikcJF9X.M_pNdqXHwW3xaB
etag
"e3c2e24937b41ca4e65436228c4aaa3a"
x-amz-request-id
C17JH7B5KYFRT0JX
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
content-length
1069
date
Mon, 06 Oct 2025 08:31:27 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 18:27:55 GMT
server
Sucuri/Cloudproxy
x-amz-id-2
pp7Z8TlE1GHIWk9dY4KKGRx8tbJ/1pbfMs+cA0jYz/+aFB4DxEb6jJjLD/430dTPPj/GRkGNWSg=
jsFunctionLoading-bin-rev-202509301.js
beforeitsnews.com/static/js-v3/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/static/js-v3/jsFunctionLoading-bin-rev-202509301.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
562b6b3e8ac6db5b8db940666e0b1178b960bbdec974769ce7679d965a40fbcc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"68c15a4c-1a0e"
age
517923
x-accel-buffering
yes
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=1SLLbX7fGK7%2B9tr84Gl7aWqfQLFflv8bmsEZiad2XBq5TuwuQZt8cdJpJ0QQOUqreVgCVvs7husku66UoXI%2BxdQVuaOjZG10wbJjHZQSwA%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 07 Oct 2025 08:34:45 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
application/javascript
last-modified
Wed, 10 Sep 2025 11:00:28 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde9ff8fed74-ADL
access-control-allow-origin
*
server
cloudflare
jsDynamic-bin-rev-202509301.js
beforeitsnews.com/static/js-v3/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/static/js-v3/jsDynamic-bin-rev-202509301.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
834a3eda9a652fceb913541a280672d0fba0a906e4f4d15043bdd50e838d0dff
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"68c15a4c-1131"
age
517923
x-accel-buffering
yes
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=khIJGNd00pc%2BprXTHcJahXC%2BhSbcVMRjK%2FASiS3sJ2pBOojn4LQ2DnRjhM0KgUTlm9Y5P44stCDpMNtK4ildJmSE5BOWP1q7Xaw5MbYczA%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 07 Oct 2025 08:34:45 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
application/javascript
last-modified
Wed, 10 Sep 2025 11:00:28 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde9ff91ed74-ADL
access-control-allow-origin
*
server
cloudflare
responsive-bin-rev-202509301.js
beforeitsnews.com/static/js-v3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/static/js-v3/responsive-bin-rev-202509301.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a6fd2260a8310e8d7c7eef4d1d8958148c83b089a2d8fbe4114a39e4c3bd830
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"68c15a4d-6c0"
age
517923
x-accel-buffering
yes
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=22e%2FjmOlBlYJO24xPQnyk6QE9u9VmFG5o2zo8eDcBJWHNbq2xeBXrhsPaA4plm5I9%2BkAUeBUGsCkpgB4MF9SM1WFy82696K6jr2zSjCP0w%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 07 Oct 2025 08:34:45 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
application/javascript
last-modified
Wed, 10 Sep 2025 11:00:29 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde9ff90ed74-ADL
access-control-allow-origin
*
server
cloudflare
validate-bin-rev-202509301.js
beforeitsnews.com/static/js-v3/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/static/js-v3/validate-bin-rev-202509301.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c5482525141cafe3826dd5c62639094fe6053531a9b93af37c3c396c2681d6d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"68c15a4e-1a18"
age
517923
x-accel-buffering
yes
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=d3k5bGjG0BE%2BP7OzUfYXyhBDOGm8TM9gzJpcDfvxJmg6p8as%2Be2iQWp3iB4TTPkHF8XAREwn2qFBxLlFKHjgQFCHBiysG2I0aCSEgV0cHg%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 07 Oct 2025 08:34:46 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
application/javascript
last-modified
Wed, 10 Sep 2025 11:00:30 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde9ff92ed74-ADL
access-control-allow-origin
*
server
cloudflare
loadmore-bin-rev-202509301.js
beforeitsnews.com/static/js-v3/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/static/js-v3/loadmore-bin-rev-202509301.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d314a6e920ecdabfe1652f1a0bfaca05c5fd4ea7966f1b8d5957e016bcad618c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"68c15a4d-3999"
age
517923
x-accel-buffering
yes
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4j74ULtDW7h59CRRpe2Xa9v45siR%2B6ixr0qxPNLeMfp1uqAeD3Dti9bs8wS1n4HZh5AcqS61RN3h5udezw5LiS4Fjs2UJ1%2F36d0iGMsa4Q%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 07 Oct 2025 08:34:46 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
application/javascript
last-modified
Wed, 10 Sep 2025 11:00:29 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde9ff94ed74-ADL
access-control-allow-origin
*
server
cloudflare
lazy-loading-bin-rev-202509301.js
beforeitsnews.com/static/js-v3/ 		173 B
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/static/js-v3/lazy-loading-bin-rev-202509301.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5ee81367c4f721ad79e801f2fa41aaf569c559a688d2efe610b8ced9be156ed
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
content-encoding
gzip
cf-cache-status
HIT
etag
W/"68c15a4c-ad"
age
517923
x-accel-buffering
yes
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=p3%2BoNoqRU%2BEHX46KmALiFHekT3P1yfOw9WYxEEkZ5ARZSxTItaY4u4l4JOqAfPIEqHL11sbC6ttN%2FI0AL5ggNTp66dWYPgqgQfP%2BQA8kRw%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 07 Oct 2025 08:34:46 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
application/javascript
last-modified
Wed, 10 Sep 2025 11:00:28 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde9ff93ed74-ADL
access-control-allow-origin
*
server
cloudflare
12098
entzames.com/easylist/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://entzames.com/easylist/12098
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.169 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e70fb42de401cb158841bcd40e60e4e3804ac93159ce26c29d4062ba50a3bbc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
pragma
no-cache
x-tornado
yes
etag
W/"a925510f97eb351d342585e35ed916f814b3b5d3"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ULnCLfkPeIluSF5vTDLSDfoji75zPdl7IcspgTG68Lq3cw%2Bxt0xnaX83rL5HZun1XouDEa4WOzW5vtLjz6S0dHaKtpPxuGD81dc%3D"}]}
cf-ray
98a3cdea29fcec7d-ADL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
text/javascript; charset=utf-8
server
cloudflare
api.js
www.google.com/recaptcha/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
ESF /
Resource Hash
475ae8ed7e21ba893f11da05d1a54cb8c8aae1b8480ee9b08624c88af1ad5d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 08:31:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Mon, 06 Oct 2025 08:31:46 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
element.js
translate.google.com/translate_a/ 		75 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
ESF /
Resource Hash
4ee0aa26db36a289a20e0a84fa8f0ed0c1c3a206510e03e8583a70b529ada31f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:31:46 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
ajs.js
cdn2.customads.co/_js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.customads.co/_js/ajs.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.175.115.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-175-115-52.syd3.r.cloudfront.net
Software
/
Resource Hash
fd052e27e9c5dad95f95be7e2980fbc716245b26aff423d213e393fd499b3a54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"22b2-199ab4a44ce"
age
55190
via
1.1 google, 1.1 24f360fd93fc7d5a758875518fa21000.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
x-amz-cf-id
eBJkGE9yIF3VJqG6B3lxtlY85uW0Knir0gSxqSiRtlLL6jNzqTvoWw==
date
Sun, 05 Oct 2025 17:11:56 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 03 Oct 2025 18:16:35 GMT
vary
Accept-Encoding
x-amz-cf-pop
SYD3-P3
top-bg.png
beforeitsnews.com/img/v3/ 		164 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/img/v3/top-bg.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202509301.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
440292eb71e786da59d255d6ff27e9594fb838f1de59004822ab745d50521dc3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/static/css-v3/global-bin-rev-202509301.css

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"5fe55cb2-a4"
age
830361
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VQTXUBOpgbTONkZ1WgzwmaqER5u7LZkgRqBp79DjU%2BEvQRCgyue%2FyD4VxC11JGmFUKm81i81RIBq2qRnWpg1M0%2BhnEwGawKVoFpYLbpzzw%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Thu, 24 Sep 2026 07:56:24 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/png
vary
accept-encoding
last-modified
Fri, 25 Dec 2020 03:29:54 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde9ff95ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
164
server
cloudflare
search.png
beforeitsnews.com/img/b4in/ 		805 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/img/b4in/search.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202509301.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dd216584b4c5dbdf5c16f8a6d4982c6bcb7d9306ea0476e1e4aad0f2935422a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/static/css-v3/global-bin-rev-202509301.css

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"5fe55cb2-325"
age
983595
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=unuZ1Gz0561weOjqo16jiP6x%2FvghCmqwv51HNpF1FDGC%2FXzoLTaO%2BzFhL4p0NV9lAwpLjQaypXXkhIJwtxuq58%2FOG6CdmR6OCPCmGywinw%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Thu, 24 Sep 2026 15:36:17 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/png
vary
accept-encoding
last-modified
Fri, 25 Dec 2020 03:29:54 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdea0f97ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
805
server
cloudflare
culturebg.jpg
beforeitsnews.com/img/v3/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/img/v3/culturebg.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202509301.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/static/css-v3/global-bin-rev-202509301.css

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"5fe55cb2-3be6"
age
983595
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=R9%2FrBhTaqk94zt%2Br48vX4fz2%2FdZegt6%2B5Pni6%2BZIPo08hosFn8X5IvAw2Whc7cG1A6pDtwZVAkUNtIPXtGbpB3JhuFy3BZ5BtJxmmsa7Ew%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Thu, 24 Sep 2026 20:08:02 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Fri, 25 Dec 2020 03:29:54 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdea0f98ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
15334
server
cloudflare
BIN_Join_Telegram_bg-min.jpg
beforeitsnews.com/img/banner/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/img/banner/BIN_Join_Telegram_bg-min.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202509301.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
048f10d8299f281e5fd6d020e05213c87c444d876b8edc6d5e5bf6c9f7bb78b3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/static/css-v3/global-bin-rev-202509301.css

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"5fe55cb2-a834"
age
830360
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=M6Ip4NsE45KK1VV%2F3X3E2AvX4fHuW5Y0Su5K26vuOfsvUUWDog7H7F8MaahIkjQ%2BI65F6AhXfRww0qbKH8hRAgNjDfO0krLgpv9IqjbFVA%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Thu, 24 Sep 2026 20:08:02 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Fri, 25 Dec 2020 03:29:54 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdea0f9aed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
43060
server
cloudflare
logo-bottom.jpg
beforeitsnews.com/img/v3/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/img/v3/logo-bottom.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/css-v3/global-bin-rev-202509301.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fea23fcfa5c62b0dea00665d0da4a425bd47776483ee77ac8037fe740e7d0e4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/static/css-v3/global-bin-rev-202509301.css

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"5fe55cb2-a0e"
age
980670
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=MPOoWbEUbqL5WBJPY5BplcBe6y%2BB6uuiKi3Z9w%2BwDtxH4xwYMOH68Xvez%2F9SlIS8ZVX6Of2vzutOHCyjnzhza8QO7PHVb%2F3M%2B71FuoPsxw%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Thu, 24 Sep 2026 15:36:17 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Fri, 25 Dec 2020 03:29:54 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdea0f99ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
2574
server
cloudflare
TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v57/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v57/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
aae665c75af89ea7cb7d8ccc8b0911ea72267442ebcd84f6e3efa041ad3b3c16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://beforeitsnews.com
Referer
https://fonts.googleapis.com/

Response headers

age
260118
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 08:16:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 08:16:28 GMT
last-modified
Wed, 10 Sep 2025 16:46:10 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12672
x-xss-protection
0
server
sffe
RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v16/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/scada/v16/RLp8K5Pv5qumeVrU6CEnT1Y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Scada:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
5efd8f2ead6cb379adfc977d300a7905cf1d3fd3ee2a1a264a1bc2250bf69259
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://beforeitsnews.com
Referer
https://fonts.googleapis.com/

Response headers

age
271040
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 05:14:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 05:14:26 GMT
last-modified
Mon, 08 Sep 2025 18:01:07 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15284
x-xss-protection
0
server
sffe
Juan%20O%20Savin%20Critical%20Update%2010_5_25%20-%20They%20Fell%20for%20the%20Trap.jpg
beforeitsnews.com/contributor/upload/106013/images/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/Juan%20O%20Savin%20Critical%20Update%2010_5_25%20-%20They%20Fell%20for%20the%20Trap.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2f6748b60237b999844886ae517759ff53739d5282955beab4cea0cb5c29283
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"68e2df34-9c91"
age
35677
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=SuOM4Jo9eERxws9jizvm2eQ7hlVOBO4znwypPRumRBC%2F9pWfuu655T9OoynjytBinPRZMEv%2BNwNppSv1lyNirFMlmsSjDnRCBA4%2F%2BxmQfQ%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Mon, 05 Oct 2026 21:12:20 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Sun, 05 Oct 2025 21:12:20 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdea4f9ded74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
40081
server
cloudflare
a87i66.jpg
i.imgflip.com/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgflip.com/a87i66.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.71.101 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5721200bf6c2ff2efd08ea4286c2d9fff511ab9c0e5727b6fe682023cf56154b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"ee8543028566a3efd41f764c8e4c2e5f"
age
20486
cf-cache-status
HIT
expires
Thu, 04 Oct 2035 08:31:46 GMT
cf-polished
origSize=47767
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
last-modified
Mon, 06 Oct 2025 02:30:19 GMT
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
98a3cdeacf50ec81-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
47510
server
cloudflare
SITUATION%20WEB%20(9)(4).jpg
beforeitsnews.com/contributor/upload/106013/images/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/SITUATION%20WEB%20(9)(4).jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79760a01830ca71964b05e4e10aa5edc782d69b2a9a465209ecb17a90c891b68
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"68e32935-cb25"
age
19643
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ItJ50rhi30zC52lVMOdo0DWu%2FRakhRz25gzjIcRnJAG6MANNouHmh%2Fk7jbknickf1aXxQMLd5xr1C%2B2jBX0%2B2y5BBZe4lee3xnyCBUgs%2BA%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 06 Oct 2026 02:28:06 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Mon, 06 Oct 2025 02:28:05 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdea4f9fed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
52005
server
cloudflare
eXfoz_oq1b_1.jpg
beforeitsnews.com/contributor/upload/106013/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/eXfoz_oq1b_1.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93d9c62828e05abd49a466d0d6ace12abca59dc5f50859792b66573a544cc7af
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"68e30c20-5cfe"
age
27322
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=EO55yZcaECmeqkS6EdVtxFQWs1XQLlGa1ywX2esupQ%2BclnnwDBczIWuH%2BWx326%2FE5DjK%2BAXF5fgi2K4K1%2B69YlY7WfTxSlGQgVHbZan%2FxA%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 06 Oct 2026 00:24:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Mon, 06 Oct 2025 00:24:00 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdea4f9eed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
23806
server
cloudflare
a84p65.jpg
i.imgflip.com/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgflip.com/a84p65.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.71.101 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd8119240953645b53c324c589b668e482a24223c34b74724935688b02e560a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"1cc09a7827ec5832a2d778521220cef0"
age
107370
cf-cache-status
HIT
expires
Thu, 04 Oct 2035 08:31:46 GMT
cf-polished
origSize=87761
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
last-modified
Sun, 05 Oct 2025 02:34:42 GMT
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
98a3cdeacf54ec81-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
87017
server
cloudflare
a84nzt.jpg
i.imgflip.com/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgflip.com/a84nzt.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.71.101 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
394325235d983f15b98c96f3e7b56e8f1eec33e3b1e4018bc8f0081c5f09a878

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"436357461e856061fe18f96daae5817d"
age
75322
cf-cache-status
HIT
expires
Thu, 04 Oct 2035 08:31:46 GMT
cf-polished
origSize=66798
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
last-modified
Sun, 05 Oct 2025 02:15:37 GMT
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
98a3cdeacf53ec81-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
66384
server
cloudflare
a84nu8.jpg
i.imgflip.com/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgflip.com/a84nu8.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.71.101 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
505a6b2cfd2f246c00e55e561e91103f470d3c331c070deaea8475aa99901319

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"1e3ac65cc6b3067e82f4f8fcfd0234a7"
age
108966
cf-cache-status
HIT
expires
Thu, 04 Oct 2035 08:31:46 GMT
cf-polished
origSize=52956
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
last-modified
Sun, 05 Oct 2025 02:13:08 GMT
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
98a3cdeacf51ec81-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
52729
server
cloudflare
Edward%20Dowd%20Full%20Disclosure%20Government%20In%20Crisis%2C%20Emergency%20Alert%20System%20Engaged.jpg
beforeitsnews.com/contributor/upload/106013/images/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/Edward%20Dowd%20Full%20Disclosure%20Government%20In%20Crisis%2C%20Emergency%20Alert%20System%20Engaged.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f047ac8372e4c37f058ff9a4298b6d1afe1b81e04a5aceac33d6f63e990350
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"68e2e4b9-d137"
age
38644
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Z4WQ8de5tBecQTyheCtl25kWMiFhq6KEpp1OAsvgHxUHFoce2Us4nLxerFx5a%2Fq%2BDt1no7TXkBSHePPuYF2BxjojMu1UVvgvyVu244xIzg%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Mon, 05 Oct 2026 21:35:53 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Sun, 05 Oct 2025 21:35:53 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdea4fa0ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
53559
server
cloudflare
a87hfm.jpg
i.imgflip.com/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgflip.com/a87hfm.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.71.101 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69487230111c5e63409ff37a65a2c1b75d08dd64e70efe1b93e99cfbc8e29311

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"38fff45746362623c0fc87f70db65e55"
age
20523
cf-cache-status
HIT
expires
Thu, 04 Oct 2035 08:31:46 GMT
cf-polished
origSize=80736
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
last-modified
Mon, 06 Oct 2025 02:19:15 GMT
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
98a3cdeacf56ec81-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
80121
server
cloudflare
A9ioz_oq1b_2-small-Trump-Cryptic-Message-Says-.jpg
beforeitsnews.com/contributor/upload/106013/images/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/A9ioz_oq1b_2-small-Trump-Cryptic-Message-Says-.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa66ef409d2aa95ad4f84987cdbb7a203ebd81d1de0fbd5cb57b0c13043ce05d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"68e329e6-bb75"
age
19680
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=LyGLr5sMPbou5GhijgoH%2FplpzrKO7OylKQzrkxk3OppjZpWqFm%2BKn4o51onUn2dneoKOpLXniUpvGhlUJmasbDl%2FrG1thhVgnmu%2BitBTfg%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 06 Oct 2026 02:31:02 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Mon, 06 Oct 2025 02:31:02 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdea4fa1ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
47989
server
cloudflare
hqdefault.jpg
img.youtube.com/vi/iflBkRlpRy0/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/iflBkRlpRy0/hqdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f14.1e100.net
Software
sffe /
Resource Hash
c00a57ad6f98b98f4fc9cb2d039bfbec6324e75a5a5b550e441b71e65103724d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

etag
"0"
age
2050
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 09:57:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 07:57:36 GMT
content-type
image/jpeg
cache-control
public, max-age=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
16524
x-xss-protection
0
server
sffe
Bo%20Polny%20An%20URGENT%20Warning%2010_5_25%20-%20Death%20to%20Mockers%2C%20This%20is%20UNBELIEVABLE.jpg
beforeitsnews.com/contributor/upload/106013/images/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/Bo%20Polny%20An%20URGENT%20Warning%2010_5_25%20-%20Death%20to%20Mockers%2C%20This%20is%20UNBELIEVABLE.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d9ca78dde26e6042152c0f273b42611756b1a4bc094736bf67e591002424dca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"68e2e158-e323"
age
38644
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=9t8VHsTE8tEBfCWwgfFh4UMp5A%2B4aPQZ8LiCf0HJdYAUX4XxLlPBNExubneE61ZbIy0sNDBMOYnMwoQHLzvmdrTfhP0CM4lPh49tTQ3jCQ%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Mon, 05 Oct 2026 21:21:28 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Sun, 05 Oct 2025 21:21:28 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdea4fa3ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
58147
server
cloudflare
a87i1w.jpg
i.imgflip.com/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgflip.com/a87i1w.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.71.101 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd7fb2057311f3efe82534348b2667b589121f6ca3ea9d3edbed02eccb4014ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"d2c35fea66f0eb74538ca3741d1944b7"
age
20277
cf-cache-status
HIT
expires
Thu, 04 Oct 2035 08:31:46 GMT
cf-polished
origSize=81939
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
last-modified
Mon, 06 Oct 2025 02:28:30 GMT
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
98a3cdeacf57ec81-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
81670
server
cloudflare
pumpkinPNG(1).png
beforeitsnews.com/contributor/upload/106013/images/ 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/pumpkinPNG(1).png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09cb06de4ac6a905fdff75fe171b5d912a9559834b85ecd096777db4977066d9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"5f8700b1-1e3d7"
age
26163
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=b03MmWxxN3IaO%2F2uMMLgEGCUBwEjgRkiXXTRnDbcTkSj57zpsrTrU5V0FyFeusZeTQ51hszTtdRVy6UNVeawThoSoH8qkwQq9CUGHfRgYQ%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 06 Oct 2026 00:36:58 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/png
vary
accept-encoding
last-modified
Wed, 14 Oct 2020 13:44:17 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdea4fa2ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
123863
server
cloudflare
SG%20Anon%20%26%20David%20Nino%20Rodriguez%2010_6.jpg
beforeitsnews.com/contributor/upload/106013/images/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/SG%20Anon%20%26%20David%20Nino%20Rodriguez%2010_6.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
498156969d68712c02c90d8afee912a9695e633be659e1d80096d0cffb2117b9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"68e32bc6-be55"
age
19680
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ieLwjun8v3DAODt9sVwJ1cfUgiAB3NZv7%2BjeuzAqdeEzzV9L1TJDLcgU0fyHz4i2cB21GENRVVlU2hFlR7UvuMjR5Yp3tOoZx45j60gc%2Fw%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 06 Oct 2026 02:39:02 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Mon, 06 Oct 2025 02:39:02 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdea4fa4ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
48725
server
cloudflare
hqdefault.jpg
i.ytimg.com/vi/K_czibJylWs/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/K_czibJylWs/hqdefault.jpg?sqp=-oaymwEnCNACELwBSFryq4qpAxkIARUAAIhCGAHYAQHiAQoIGBACGAY4AUAB&rs=AOn4CLAyWwEqX2lGrySLPUzd2CkHPslwbg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.246 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f22.1e100.net
Software
sffe /
Resource Hash
ff191494e727e8c370df31a6152786279dedf9e1bb6b0bc137a61d8d145dbc0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

etag
"1759508241"
age
53
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 08:35:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:30:53 GMT
content-type
image/avif
cache-control
public, max-age=300
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
18599
x-xss-protection
0
server
sffe
a856go.jpg
i.imgflip.com/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgflip.com/a856go.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.71.101 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce7e965c8c05d2320a359208a85c42bfefdc4caf04012d9f7198835b352523a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"3ba58838ed4b862ae38e6e6a7a306cc5"
age
85263
cf-cache-status
HIT
expires
Thu, 04 Oct 2035 08:31:46 GMT
cf-polished
origSize=51130
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
last-modified
Sun, 05 Oct 2025 08:35:11 GMT
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
98a3cdeabf39ec81-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
50927
server
cloudflare
secret%20space%20fleet.jpg
beforeitsnews.com/contributor/upload/106013/images/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/secret%20space%20fleet.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6024039350aff5463e909677cbf84fe60ff071806c8b96e3171e5b34ca39daf4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"595a1fac-88e4"
age
102719
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=73obMQZlyCscSSicvp4tzwWNkiNPEcC3WcYJ0AnCreO0hgye%2FGaEJ%2F%2BCH1wRjYaMlt7O2YirhWtf%2FOVwYKANfSiTVaHdCRAaE8yni8n%2B2A%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Mon, 05 Oct 2026 03:38:13 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Mon, 03 Jul 2017 10:42:52 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdea4fa7ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
35044
server
cloudflare
gahoz_oq1b_2-small-6-Mins-Ago-General-Flynn-Is.jpg
beforeitsnews.com/contributor/upload/106013/images/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/gahoz_oq1b_2-small-6-Mins-Ago-General-Flynn-Is.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94b68d9ee31b82202cef89471861e86b048ddc8e8d6e32adc7e23d3d82938c18
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"68e311cd-aaa1"
age
26163
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4kiXqv3Z98%2BcqOmoueVVv3JhAg4uYAG2Wk3L0IA5i2%2BaJdkTBRYTXMYCUs8%2BSTUB21Kcj58v0Imvo%2Fq8sE6Dssa991QRRgmBdCHvcMLlGg%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Tue, 06 Oct 2026 00:48:13 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Mon, 06 Oct 2025 00:48:13 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdea4fa6ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
43681
server
cloudflare
OY9nz_oq1b_2-small-Tucker-Carlson-Just-Exposed.jpg
beforeitsnews.com/contributor/upload/106013/images/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/contributor/upload/106013/images/OY9nz_oq1b_2-small-Tucker-Carlson-Just-Exposed.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17b0d0e3f423a53174caa6c0970d6c3d00b9f9a889d05f7f95fbe039ea798520
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"68e2d6c0-ae05"
age
40939
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Hf%2BAzTLK7Fng3jEjfpRTP76jXYbGv%2BXU2VWPokcqcw%2F41LgFvv%2Fhx21OaIgEwZOpaI1j77quZbmfkymEWZ5aSuzjmbgjY1eOwHoeOr%2FNuw%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Mon, 05 Oct 2026 20:36:16 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Sun, 05 Oct 2025 20:36:16 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdea4fa5ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
44549
server
cloudflare
5217af2beab8eab736000010
i.insider.com/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.insider.com/5217af2beab8eab736000010?width=800&format=jpeg&auto=webp
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92a2cc46f79ab506a8323cac34a5e520ed6c03b2b6b0dfe92a2a9c01f49f0b6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

fastly-io-info
ifsz=36050 idim=1483x741 ifmt=jpeg ofsz=7636 odim=800x400 ofmt=webp
etag
"MYIGWgGlwnUiSKENbo8BjPwf2jNGL4DbE4ZapsmWtBg"
x-amz-version-id
null
age
2369327
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
H0FrukDDDxbY8vm75BaH7AniMQ1bNfaveTbTfLpryc0NNetAplZTgg==
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200147-IAD, cache-adl2040033-ADL
x-cache-hits
108, 0
vary
Accept
fastly-stats
io=1
cache-control
max-age=2592000, public
x-timer
S1759739507.506391,VS0,VE1
via
1.1 02d40d77941fe6c2f8e7ff5156c01128.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
7636
fastly-io-served-by
vpop-kiad7010213
x-amz-cf-pop
IAD12-P4
server
AmazonS3
FrvSrvzHYplZ_640x360.jpg
static-3.bitchute.com/live/cover_images/Qa92RL4rqJbq/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-3.bitchute.com/live/cover_images/Qa92RL4rqJbq/FrvSrvzHYplZ_640x360.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.46.69 Singapore, Singapore, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
138-199-46-69.bunnyinfra.net
Software
BunnyCDN-SG1-867 /
Resource Hash
28023958d1f8a6532d88eadd8680f823105781a46cf9c1cf0bdac33097ce7146
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cdn-status
200
etag
"eff3f85fe747b959aa7ff69f54aa0c18"
date
Mon, 06 Oct 2025 08:31:46 GMT
x-rgw-object-type
Normal
content-type
image/jpeg
last-modified
Tue, 22 Oct 2024 18:26:19 GMT
cdn-cachedat
10/06/2025 07:10:05
cdn-cache
HIT
cdn-requestpullcode
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cdn-requestid
7efb5b7eebc150eefe583d3ad4f91c01
cdn-pullzone
89010
cdn-proxyver
1.37
x-amz-request-id
tx00000512daf41d7e4c8f1-0068e36b4c-85cd2925-nyc3d
accept-ranges
bytes
content-length
23494
cdn-edgestorageid
869
server
BunnyCDN-SG1-867
cdn-requestcountrycode
AU
a84piu.jpg
i.imgflip.com/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgflip.com/a84piu.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.71.101 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d821829fdcd641203c77c4be3010c05a52420780fc3c316a0da7e329da8165

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6c61c24e7dc6e5cd3a321cfde73f99d1"
age
106826
cf-cache-status
HIT
expires
Thu, 04 Oct 2035 08:31:46 GMT
cf-polished
origSize=57822
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
last-modified
Sun, 05 Oct 2025 02:40:47 GMT
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
98a3cdeb5fdeec81-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
57602
server
cloudflare
a82iql.jpg
i.imgflip.com/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgflip.com/a82iql.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.71.101 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07423f01175708dbda2a0e00657fd5ab1da395b26ada221c05fb85b86f33f194

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"666731c62337869f091c1a995010d45b"
age
173705
cf-cache-status
HIT
expires
Thu, 04 Oct 2035 08:31:46 GMT
cf-polished
origSize=35317
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
last-modified
Sat, 04 Oct 2025 08:10:38 GMT
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
98a3cdeb7807ec81-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
34974
server
cloudflare
a87hpu.jpg
i.imgflip.com/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgflip.com/a87hpu.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.71.101 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1884e4d1e9956409597f01c1585e316d42a13bead0c908b073cb07d3865c388

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"c8303dfef5a5443031d73f110b8c220a"
age
21926
cf-cache-status
HIT
expires
Thu, 04 Oct 2035 08:31:46 GMT
cf-polished
origSize=57277
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
image/jpeg
last-modified
Mon, 06 Oct 2025 02:23:23 GMT
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
98a3cdeb780bec81-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
56902
server
cloudflare
hqdefault.jpg
img.youtube.com/vi/XpJkA-3XZlY/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/XpJkA-3XZlY/hqdefault.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f14.1e100.net
Software
sffe /
Resource Hash
b36e34a94da4bfed72a966e0ba0262904494367039dd32d4a6b68b92ed6af25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

etag
"1756576181"
age
1558
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 10:05:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:05:48 GMT
content-type
image/jpeg
cache-control
public, max-age=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
24881
x-xss-protection
0
server
sffe
bootstrap.js
cdn.browsiprod.com/bootstrap/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/310742.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.51.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-51-50.cgk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13c79ec9033c8bb73051573ba234af2c30709128411f5a7b64e9780c931e9605

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

vary
accept-encoding, Origin
cache-control
public,max-age=3600
content-encoding
gzip
x-amz-version-id
lhpQNYh9ClGJl1S.qJf3e07_Bj79BouP
etag
W/"df7881930ebbc0f7a3ef52167cff3c97"
age
821
via
1.1 529d5b169df066996e42daaa639c401e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
ShBQwGIhY-VJbrO8iLewu_y2U000nz895HsPuNqZU9Ev7Jz2F5qJHg==
date
Mon, 06 Oct 2025 08:18:06 GMT
content-type
application/javascript
last-modified
Thu, 11 Sep 2025 09:57:18 GMT
server
AmazonS3
x-amz-cf-pop
CGK50-P4
x-amz-server-side-encryption
AES256
10864438442185062
customads.co/lad/ Frame B9D3 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://customads.co/lad/10864438442185062?pubid=ld-7911-1672&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370&path=%2F&x=1020&y=2521&language=en-AU&sw=1600&sh=1200&pr=1&ot=landscape-primary&ex=false&embed_type=7&embed_frame_container_type=3
Requested by
Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.30.115 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.30.190.35.bc.googleusercontent.com
Software
/
Resource Hash
3bdcbf25d6d0eaee0a470db12013a53e0f1d702869ebde96b16f8140412f7535

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
1840
content-type
text/html; charset=utf-8
date
Mon, 06 Oct 2025 08:31:46 GMT
via
1.1 google
10864440455450982
customads.co/lad/ Frame 4913 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://customads.co/lad/10864440455450982?pubid=ld-4166-9392&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370&path=%2F&x=1020&y=4407&language=en-AU&sw=1600&sh=1200&pr=1&ot=landscape-primary&ex=false&embed_type=7&embed_frame_container_type=3
Requested by
Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.30.115 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.30.190.35.bc.googleusercontent.com
Software
/
Resource Hash
3bdcbf25d6d0eaee0a470db12013a53e0f1d702869ebde96b16f8140412f7535

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
1840
content-type
text/html; charset=utf-8
date
Mon, 06 Oct 2025 08:31:46 GMT
via
1.1 google
9777028388081510
customads.co/lad/ Frame ABD1 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://customads.co/lad/9777028388081510?pubid=ld-6512-6157&pubo=https%3A%2F%2Fbeforeitsnews.com&rid=&width=370&path=%2F&x=1020&y=4407&language=en-AU&sw=1600&sh=1200&pr=1&ot=landscape-primary&ex=false&embed_type=7&embed_frame_container_type=3
Requested by
Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.30.115 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
115.30.190.35.bc.googleusercontent.com
Software
/
Resource Hash
3bdcbf25d6d0eaee0a470db12013a53e0f1d702869ebde96b16f8140412f7535

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
1840
content-type
text/html; charset=utf-8
date
Mon, 06 Oct 2025 08:31:46 GMT
via
1.1 google
gtm.js
www.googletagmanager.com/ 		292 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5D8XJ6Q
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
853664edec09df408fe2a0636d773676b63d622b8b30beb1e2f29dadaacf8450
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

content-encoding
zstd
expires
Mon, 06 Oct 2025 08:31:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 06 Oct 2025 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
107205
x-xss-protection
0
server
Google Tag Manager
showing.php
a1.beforeitsnews.com/dAjax/ 		61 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a1.beforeitsnews.com/dAjax/showing.php
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-1.8.3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.94.231 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b3aad1e0ad55f758b9e51ce1cb92cc5c379b079e1f6250c3f5ae27bf0cb8653
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ekWmA1VQt%2B8RGxnXfloZIzRvyUxwfjWWvnBg0u0v4Yz3meGIHD3zkL8qupRlaMhsZNZbuAkHcBGbOgpE%2FBBeNF0EamZ6Atsk81rezLqtxyEfag%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
private
cf-ray
98a3cdec99f7ec77-ADL
access-control-allow-origin
*
server
cloudflare
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/global-bin-rev-202509301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"09282956186c8515ef0d208902803581"
age
1561
expires
Thu, 09 Oct 2025 08:31:46 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
OneSignal-Subscription-Id
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=259200
via
1.1 google
cf-ray
98a3cdecb96cf3e3-ADL
server
cloudflare
5ffda9f3-939f-4125-be23-c45f20829dfc
https://beforeitsnews.com/ 		0
0
07a68d71-3e50-4dea-b9e1-a49b4320061a
https://beforeitsnews.com/ 		0
0
20356d7c-4ba8-4164-bf92-37b4c8d42331
https://beforeitsnews.com/ 		0
0
937cc879-afbe-4406-b239-80d408968f26
https://beforeitsnews.com/ 		0
0
9b68c2a8-386a-4783-a986-ee0668990d40
https://beforeitsnews.com/ 		0
0
eb4689eb-d858-4302-b21c-f36b06c7f122
https://beforeitsnews.com/ 		0
0
dac6df27-d875-425f-bf21-a22f50c4749c
https://beforeitsnews.com/ 		0
0
73486c36-8705-4a35-a9b4-bbe82cd929ef
https://beforeitsnews.com/ 		0
0
count.php
ajax.beforeitsnews.com/core/ajax/counter/ 		15 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ajax.beforeitsnews.com/core/ajax/counter/count.php
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-1.8.3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.94.231 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79133f303310f251a4d9114940cfeb43c7ea0019d94a7ef473ecc733f680a4c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://beforeitsnews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-max-age
3628800
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=RobxFidu92OtNtwMuw%2B2eLew0c1h2oylCN6Umk9MiONmvx52qC%2Bhlknjbt1MH%2Bb%2FZBe%2BPHm3bHMdvwPwEnrWg9as%2BKjvMHH0eSY3wvbhhzYotxxv"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray
98a3cdeca9f8ec77-ADL
access-control-allow-origin
*
server
cloudflare
main.js
beforeitsnews.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/16f9cd2f90a6/ Frame B2B3
Redirect Chain
  • https://beforeitsnews.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://beforeitsnews.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/16f9cd2f90a6/main.js?
10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/16f9cd2f90a6/main.js?
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4383689931938dd62e1307b66c7d4a9e5f1159c5c7a426c18a8e3b376aef74f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
98a3cdecffc1ed74-ADL
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/16f9cd2f90a6/main.js?
cf-ray
98a3cdecdfbfed74-ADL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 06 Oct 2025 08:31:46 GMT
server
cloudflare
384b20b0-db07-44f6-a251-9bd1202ee94d
https://beforeitsnews.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://beforeitsnews.com/384b20b0-db07-44f6-a251-9bd1202ee94d
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

Content-Type
video/mp4
Content-Range
bytes 0-1492/1493
Content-Length
1493
cf19cf04-3fa7-493f-a807-0c0eb90bb048
https://beforeitsnews.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://beforeitsnews.com/cf19cf04-3fa7-493f-a807-0c0eb90bb048
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

Content-Type
video/mp4
Content-Range
bytes 0-1492/1493
Content-Length
1493
e832af22-26a8-4f6a-9937-f1bb9926df27
https://beforeitsnews.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://beforeitsnews.com/e832af22-26a8-4f6a-9937-f1bb9926df27
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

Content-Type
video/mp4
Content-Range
bytes 0-1492/1493
Content-Length
1493
8f3bb123-e5c6-4fd4-837e-b627df937027
https://beforeitsnews.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://beforeitsnews.com/8f3bb123-e5c6-4fd4-837e-b627df937027
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

Content-Type
video/mp4
Content-Range
bytes 0-1492/1493
Content-Length
1493
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/ 		801 KB
342 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
6159c42218db471f012088abd52e60fe39e5c1dcf2981ff7d80f38d8bd36a690
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://beforeitsnews.com
Referer
https://beforeitsnews.com/

Response headers

content-encoding
gzip
age
231688
report-to
{"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 16:10:18 GMT
alt-svc
h3=":443"; ma=2592000
date
Fri, 03 Oct 2025 16:10:18 GMT
last-modified
Mon, 29 Sep 2025 12:04:53 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs
accept-ranges
bytes
access-control-allow-origin
*
content-length
349597
x-xss-protection
0
server
sffe
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"7e91359b46e1da637080a03b759164fa"
age
2648
expires
Thu, 09 Oct 2025 08:31:46 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
OneSignal-Subscription-Id
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=259200
via
1.1 google
cf-ray
98a3cdecf9d5f3e3-ADL
server
cloudflare
98a3cde51f23ed74
beforeitsnews.com/cdn-cgi/challenge-platform/h/b/jsd/r/0.8085982714132377:1759735238:rD22K6QEGWrqAOV6i9UO7FXGnrlmaYNh4l8f7NYU03A/ Frame B2B3 		0
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://beforeitsnews.com/cdn-cgi/challenge-platform/h/b/jsd/r/0.8085982714132377:1759735238:rD22K6QEGWrqAOV6i9UO7FXGnrlmaYNh4l8f7NYU03A/98a3cde51f23ed74
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

cf-ray
98a3cdedafcbed74-ADL
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.pgV-E-68K-A.L.W.O/am=AMA/d=0/rs=AN8SPfo2HeflihKMbfgwV84pq3lzEm8ziw/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.pgV-E-68K-A.L.W.O/am=AMA/d=0/rs=AN8SPfo2HeflihKMbfgwV84pq3lzEm8ziw/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_GB.fIOWCqQ8WwM.O/am=AMA/d=1/rs=AN8SPfqb1S7Dh_Js0o9FM5-KTgGGBbXcPA/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
fb1bd700eb83832fc2ca14c9fd537e5facad95f3bd15632db0c4b1c5a5bd7e20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

content-encoding
gzip
age
267825
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 06:08:02 GMT
alt-svc
h3=":443"; ma=2592000
date
Fri, 03 Oct 2025 06:08:02 GMT
last-modified
Thu, 22 May 2025 01:09:21 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="rosetta"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges
bytes
access-control-allow-origin
*
content-length
4155
x-xss-protection
0
server
sffe
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.fIOWCqQ8WwM.O/am=AAAE/d=1/exm=el_conf/ed=1/rs=AN8SPfolgpmdh1fclye4gZ_KIQacQsfHUg/ 		218 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.fIOWCqQ8WwM.O/am=AAAE/d=1/exm=el_conf/ed=1/rs=AN8SPfolgpmdh1fclye4gZ_KIQacQsfHUg/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_GB.fIOWCqQ8WwM.O/am=AMA/d=1/rs=AN8SPfqb1S7Dh_Js0o9FM5-KTgGGBbXcPA/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
sffe /
Resource Hash
58be5acde9545e3a0fe9a69eeba93d5467276b0ba18adb198cca70d6257a6035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

content-encoding
gzip
age
225206
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 17:58:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 17:58:21 GMT
last-modified
Wed, 01 Oct 2025 03:09:23 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="rosetta"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges
bytes
access-control-allow-origin
*
content-length
77156
x-xss-protection
0
server
sffe
web
onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/8227a7ab-148a-4916-95eb-5258942079c4/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87f48cd40bb8470f71da58f6700e07ff305009904b657dd31eb1423cf5e5cd7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

x-request-id
b4578e55-bbcb-4894-a1c6-73fb4983eb7b
content-encoding
br
cf-cache-status
HIT
etag
W/"e87f48cd40bb8470f71da58f6700e07f"
age
1985
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 09:31:46 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:46 GMT
content-type
text/javascript; charset=utf-8
vary
Origin, Accept-Encoding
x-runtime
0.021480
priority
u=3,i=?0
access-control-allow-headers
SDK-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=3600
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
1.1 google
cf-ray
98a3cdee3cf955f0-ADL
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
/
c.mgid.com/pv/ 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/pv/?pv_types=pv&ns=1&cbuster=1759739506886321260833&pvid=a321d34c-a1fc-4563-93a1-cc22582f1924&implVersion=17&lct=1759413727&site=310742&cid=720413&i=1&nullid=0&scum=%3F0&scuw=%3F0&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
98a3cdee2b9ced6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
wl
servicer.mgid.com/ 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servicer.mgid.com/wl?cid=720413&cmpreason=wvz&sessionId=68e37e73-1429d&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&cbuster=1759739506997528624762&pvid=a321d34c-a1fc-4563-93a1-cc22582f1924&implVersion=17&lct=1759413720&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&wlid=c1f70777-440c-405a-b9c0-10febd90f86f&uniqId=14695&childs=1809347&niet=4g&nisd=false&jsp=head&evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D&pv=5&jsv=es6&dpr=1&hashCommit=a84c6ce2&tfre=1027&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&ref=&lu=https%3A%2F%2Fbeforeitsnews.com%2F
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
cf-ray
98a3cdeedc64ed6c-ADL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
43
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
wl
servicer.mgid.com/ 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servicer.mgid.com/wl?cid=351459&cmpreason=wvz&sessionId=68e37e73-1429d&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&cbuster=1759739506998656438320&pvid=a321d34c-a1fc-4563-93a1-cc22582f1924&implVersion=17&lct=1759413720&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&wlid=a74d1d0f-fca1-4d20-9aa2-f125469c0de5&childs=1808921&niet=4g&nisd=false&jsp=head&evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D&pv=5&jsv=es6&dpr=1&hashCommit=a84c6ce2&tfre=1028&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&ref=&lu=https%3A%2F%2Fbeforeitsnews.com%2F
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
cf-ray
98a3cdeedc62ed6c-ADL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
43
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
wl
servicer.mgid.com/ 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servicer.mgid.com/wl?cid=1625435&nocmp=1&sessionId=68e37e73-1429d&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&cbuster=1759739506999921830389&pvid=a321d34c-a1fc-4563-93a1-cc22582f1924&implVersion=17&lct=1759413720&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&wlid=b9247178-23f0-41ab-ae70-3057e9d49635&uniqId=09648&niet=4g&nisd=false&jsp=head&evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D&pv=5&jsv=es6&dpr=1&hashCommit=a84c6ce2&tfre=1029&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&ref=&lu=https%3A%2F%2Fbeforeitsnews.com%2F
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
cf-ray
98a3cdeedc63ed6c-ADL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
43
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
wl
servicer.mgid.com/ 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servicer.mgid.com/wl?cid=720415&nocmp=1&sessionId=68e37e73-1429d&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&cbuster=1759739507000987714857&pvid=a321d34c-a1fc-4563-93a1-cc22582f1924&implVersion=17&lct=1759413720&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&wlid=48c61407-2838-4497-86a7-5e7e6dda980e&uniqId=0273d&niet=4g&nisd=false&jsp=head&evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D&pv=5&jsv=es6&dpr=1&hashCommit=a84c6ce2&tfre=1030&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&ref=&lu=https%3A%2F%2Fbeforeitsnews.com%2F
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
cf-ray
98a3cdeedc65ed6c-ADL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
43
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-cache-status
HIT
etag
W/"617c205137825561208ef7c1a2d8f319"
x-amz-version-id
null
age
1274
expires
Tue, 07 Oct 2025 08:31:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
image/svg+xml
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
vary
Accept-Encoding
priority
u=1,i
x-amz-id-2
MOk8JprxYEf86XFfW6gaMV7PDAFH+nfN1y18kUUPHeKJTBLb4OqcZfd8Z+sAuLP+dCRy+MR6JS0=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=86400
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
x-amz-request-id
B99PEW4Y8WBE0EX0
cf-ray
98a3cdef1ca2ed6c-ADL
access-control-allow-origin
*
server
cloudflare
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-cache-status
HIT
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
x-amz-version-id
null
age
1744
expires
Tue, 07 Oct 2025 08:31:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
image/svg+xml
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
vary
Accept-Encoding
priority
u=1,i
x-amz-id-2
Aj+MGb8fhzwGobiOfqSi4bEgmKJcctv2bzMy++xe5ESXAt7/2CdlKxXzuAggpNlB4SeXta4vT3I=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=86400
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
x-amz-request-id
B99P803ZT0F1YF9S
cf-ray
98a3cdef1ca0ed6c-ADL
access-control-allow-origin
*
server
cloudflare
k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://beforeitsnews.com
Referer
https://beforeitsnews.com/

Response headers

age
249930
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 11:06:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 11:06:17 GMT
last-modified
Thu, 21 Aug 2014 18:08:16 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
16224
x-xss-protection
0
server
sffe
5529669
www.tickcounter.com/widget/countdown/ Frame A7BA 		44 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tickcounter.com/widget/countdown/5529669
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.240 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32ef15eec5ac434c5ccf17dafe22216e36eab344b36f1a0418616171a996526a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

age
1001937
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
HIT
cf-ray
98a3cdef6d13ec85-ADL
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 06 Oct 2025 08:31:47 GMT
expires
0
last-modified
Wed, 03 Sep 2025 06:46:15 GMT
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
no-cache
referrer-policy
same-origin
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ZaZ1BdazDCjEQXNyo8XGfZex81z3dEwzL0LkfcbSS7U1tmLTuup0Oj9%2BY92DEwq7bzHMACg9MKnar3aGcnMdOxqcyp%2BD2wFh9YDww5B8z8I%3D"}]}
server
cloudflare
vary
Accept-Encoding
x-clacks-overhead
GNU Terry Pratchett
x-content-type-options
nosniff
3HkOiY9OiRo
www.youtube.com/embed/ Frame 1BA3 		113 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/3HkOiY9OiRo
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
ESF /
Resource Hash
0bb5016277aacef229453189b922b2faaa68d3f576bfab74daa051c29702a93e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-security-policy-report-only
script-src 'unsafe-eval' 'self' 'unsafe-inline' https://www.google.com https://apis.google.com https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com https://www.google-analytics.com https://*.youtube.com https://*.google.com https://*.gstatic.com https://youtube.com https://www.youtube.com https://google.com https://*.doubleclick.net https://*.googleapis.com https://www.googleadservices.com https://tpc.googlesyndication.com https://www.youtubekids.com https://www.youtube-nocookie.com https://www.youtubeeducation.com https://www-onepick-opensocial.googleusercontent.com;report-uri /cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Oct 2025 08:31:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 ApTXX1w2dkJZuuxlV9csQYg+9ZVXekg+mOu8mS9vb7/V2oeMLKqGC8blgR6ech+eqbhGAgLKPthyai7z89MdTAgAAACLeyJvcmlnaW4iOiJodHRwczovL3d3dy55b3V0dWJlLmNvbTo0NDMiLCJmZWF0dXJlIjoiRG9jdW1lbnRQb2xpY3lJbmNsdWRlSlNDYWxsU3RhY2tzSW5DcmFzaFJlcG9ydHMiLCJleHBpcnkiOjE3NDk1MTM2MDAsImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
EXJksnmgE8s
www.youtube.com/embed/ Frame DE4B 		113 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/EXJksnmgE8s
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/static/js-v3/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
ESF /
Resource Hash
2af1299f26ffffd11e5365ff0fdaa545e4554e40df9f567a6d1d39d50f89dcb5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-security-policy-report-only
script-src 'unsafe-eval' 'self' 'unsafe-inline' https://www.google.com https://apis.google.com https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com https://www.google-analytics.com https://*.youtube.com https://*.google.com https://*.gstatic.com https://youtube.com https://www.youtube.com https://google.com https://*.doubleclick.net https://*.googleapis.com https://www.googleadservices.com https://tpc.googlesyndication.com https://www.youtubekids.com https://www.youtube-nocookie.com https://www.youtubeeducation.com https://www-onepick-opensocial.googleusercontent.com;report-uri /cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Oct 2025 08:31:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 ApTXX1w2dkJZuuxlV9csQYg+9ZVXekg+mOu8mS9vb7/V2oeMLKqGC8blgR6ech+eqbhGAgLKPthyai7z89MdTAgAAACLeyJvcmlnaW4iOiJodHRwczovL3d3dy55b3V0dWJlLmNvbTo0NDMiLCJmZWF0dXJlIjoiRG9jdW1lbnRQb2xpY3lJbmNsdWRlSlNDYWxsU3RhY2tzSW5DcmFzaFJlcG9ydHMiLCJleHBpcnkiOjE3NDk1MTM2MDAsImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
080e11447b9e43711f1bacad58d3d182bf3dff3d.jpg
beforeitsnews.com/img/year2025/10/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/img/year2025/10/080e11447b9e43711f1bacad58d3d182bf3dff3d.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcd091c87e4857a6aef886da339840cec0aa24e3e64145702fbff416a7aaa993
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"60982e0c-88af"
age
445214
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2Blt6qhPEB4YJHlfQpmVNMHxol1NdxjFEg9lnEhwSxo2oE5FoV96Z7zJz5aIBEBI1IiVsWEBXCMwjikunpX7CCCnrlFj3itdda6DzQkOPNg%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Thu, 01 Oct 2026 04:00:02 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Sun, 09 May 2021 18:46:36 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdeeffd5ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
34991
server
cloudflare
f8b43c3d79d51676156dc01c8231a46c739110b3.jpeg
beforeitsnews.com/img/banner_contract/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/img/banner_contract/f8b43c3d79d51676156dc01c8231a46c739110b3.jpeg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
185d8d4d6d7bd0ba74fcce8ab9f1837a3e41fab19b98762c4c486ea22b12a3b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"66181e64-d451"
age
993925
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=YzNDmdzJZx7ED58G%2FjO1eXQlACkrzAfgzo0i3hnTvGSNtEF%2FB2cztzoG%2F45t2VHzdc715rMl%2FGxDBrWl7JdOYfoQSaETMYmAvW90zzVoQQ%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Thu, 24 Sep 2026 20:10:34 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Thu, 11 Apr 2024 17:31:16 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdeeffd7ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
54353
server
cloudflare
70189017dfbe10d1266577b2701c43e156554529.jpg
beforeitsnews.com/img/banner_contract/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/img/banner_contract/70189017dfbe10d1266577b2701c43e156554529.jpg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9864dcf84a8454f6e555202b5713c5b3d66575f8abee347de008403fa8c14e9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"633e27e6-10f96"
age
993925
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2FU6VFMbLLAdUwUd8n6SPS3lslBpLZ7Pu2T7V8xHs7FfZLR4Thl%2FJUa5u5jPHP1INfSRe7H8DqMF0MkpnFG9F73btX%2FlNsiRCVNO%2FKwF9Cg%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Thu, 24 Sep 2026 20:08:46 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Thu, 06 Oct 2022 00:57:10 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
private, max-age=31536000, must-revalidate
cf-ray
98a3cdeeffd6ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
69526
server
cloudflare
94ffcdb0680690132d3ef97592cbc74e20387484.jpeg
beforeitsnews.com/img/year2025/10/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/img/year2025/10/94ffcdb0680690132d3ef97592cbc74e20387484.jpeg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9054eb850682d3eb5239c7478a52bfae0ff44261d324f9dbf4a82e38fd90fc20
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"5c50f079-42ae"
age
446752
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zlUQNa53IqHUtHbQ9B7C03w1tTY2xxnPdTczcy96TBJsorQy%2B9fk4vANBOqQPR%2BgBcc%2FgqlyaVwkRGTbqIbZSkqWl8oz9G8So1Mwhe5Kpg%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Thu, 01 Oct 2026 04:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Wed, 30 Jan 2019 00:31:53 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdeeffd9ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
17070
server
cloudflare
94ffcdb0680690132d3ef97592cbc74e20387484.jpeg
beforeitsnews.com/img/year2024/11/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/img/year2024/11/94ffcdb0680690132d3ef97592cbc74e20387484.jpeg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9054eb850682d3eb5239c7478a52bfae0ff44261d324f9dbf4a82e38fd90fc20
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"5c50f079-42ae"
age
724715
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=MT3PlvHR2N2vSDK%2FxvyNRbOkrb670YwuxcmoHkDKkPM5CAmbGSYh910eaLWiJUqTAIu%2Fyi982S3Ef%2B7ANs0ml4SOngyWG4COETU9LE5CXw%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Thu, 24 Sep 2026 20:08:04 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Wed, 30 Jan 2019 00:31:53 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cdeeffd8ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
17070
server
cloudflare
supply
events.browsiprod.com/events/v2/ 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=MdTYdBaptRfSwteOGqYS
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.77.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-77-25.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://beforeitsnews.com/

Response headers

date
Mon, 06 Oct 2025 08:31:47 GMT
access-control-allow-origin
https://beforeitsnews.com
access-control-allow-credentials
true
v5
yield-manager.browsiprod.com/supply/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yield-manager.browsiprod.com/supply/v5?sk=d_mapping&pk=mgid&url=https%3A%2F%2Fbeforeitsnews.com%2F&bid=MdTYdBaptRfSwteOGqYS&at=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sw=1600&sh=1200&ga=%7B%22t%22%3A1759739507034%2C%22eu%22%3Afalse%7D&pvid=916d0174-a1a5-43c1-8fa4-2f65aafecb34&l=en-US
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.175.115.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-175-115-53.syd3.r.cloudfront.net
Software
akka-http/10.2.1 /
Resource Hash
dfa2c0f9c085fc2640e8435db941ea41f44640ffd755b014b22a3dd182631027

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 eeea8da871e153e9b2b4139b85093970.cloudfront.net (CloudFront)
access-control-allow-origin
https://beforeitsnews.com
x-cache
Miss from cloudfront
x-amz-cf-id
qfUuNp1wPMjzaPoTXzIzMCPRuZikuA1iM8c3iAP1a6A8aaPd97dt0Q==
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
application/json
x-amz-cf-pop
SYD3-P3
server
akka-http/10.2.1
2WMX5JQ2bkA
www.youtube.com/embed/ Frame ED69 		113 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
ESF /
Resource Hash
cd84d657f7085eea383af6df1110dcbea0e7b1c62bd9024c86f213972bc8eb17
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-security-policy-report-only
script-src 'unsafe-eval' 'self' 'unsafe-inline' https://www.google.com https://apis.google.com https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com https://www.google-analytics.com https://*.youtube.com https://*.google.com https://*.gstatic.com https://youtube.com https://www.youtube.com https://google.com https://*.doubleclick.net https://*.googleapis.com https://www.googleadservices.com https://tpc.googlesyndication.com https://www.youtubekids.com https://www.youtube-nocookie.com https://www.youtubeeducation.com https://www-onepick-opensocial.googleusercontent.com;report-uri /cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Oct 2025 08:31:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 ApTXX1w2dkJZuuxlV9csQYg+9ZVXekg+mOu8mS9vb7/V2oeMLKqGC8blgR6ech+eqbhGAgLKPthyai7z89MdTAgAAACLeyJvcmlnaW4iOiJodHRwczovL3d3dy55b3V0dWJlLmNvbTo0NDMiLCJmZWF0dXJlIjoiRG9jdW1lbnRQb2xpY3lJbmNsdWRlSlNDYWxsU3RhY2tzSW5DcmFzaFJlcG9ydHMiLCJleHBpcnkiOjE3NDk1MTM2MDAsImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
output.5bea1cc590d0.js
www.tickcounter.com/static/files/js/ Frame A7BA 		157 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tickcounter.com/static/files/js/output.5bea1cc590d0.js
Requested by
Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/5529669
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.240 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bea1cc590d02191caf841a29fade286cdc40a8fb87d6935e617f32af8bd8ca8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.tickcounter.com/widget/countdown/5529669

Response headers

nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-clacks-overhead
GNU Terry Pratchett
content-encoding
gzip
cache-control
max-age=14400
cf-cache-status
HIT
age
625060
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Bjqih%2BmjW1qwTwtUVOSwVXc%2Fu%2FzrhWpj9r%2Bslut5AMBdJhe7uzxHliyY5qifeqxuSYODN7ejn%2BaoQm%2Big%2BUeb%2Bu62H65TZd8VStbS73nrro%3D"}]}
cf-ray
98a3cdf04dd7ec85-ADL
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
text/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Tue, 05 Aug 2025 13:04:05 GMT
beacon.min.js
static.cloudflareinsights.com/ Frame A7BA 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/5529669
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.79.73 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
98a3cdf0aa912670-ADL
access-control-allow-origin
*
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
1
servicer.mgid.com/720413/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/720413/1?cmpreason=wvz&sessionId=68e37e73-1429d&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&cbuster=1759739507317149837497&pvid=a321d34c-a1fc-4563-93a1-cc22582f1924&implVersion=17&lct=1759413720&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&wlid=c1f70777-440c-405a-b9c0-10febd90f86f&uniqId=14695&childs=1809347&niet=4g&nisd=false&jsp=head&evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D&pv=5&jsv=es6&dpr=1&hashCommit=a84c6ce2&tfre=1347&w=370&h=345&tl=150&tlp=1&sz=367x319&szp=1&szl=1&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&ref=&lu=https%3A%2F%2Fbeforeitsnews.com%2F
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/310742.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1320be4837263d6b497d1d7a1a956dd4854319956405ae4c03da419c181998d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
cf-ray
98a3cdf0ce64ed6c-ADL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
1
servicer.mgid.com/351459/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/351459/1?cmpreason=wvz&sessionId=68e37e73-1429d&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&cbuster=1759739507318283077081&pvid=a321d34c-a1fc-4563-93a1-cc22582f1924&implVersion=17&lct=1759413720&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&wlid=a74d1d0f-fca1-4d20-9aa2-f125469c0de5&childs=1808921&niet=4g&nisd=false&jsp=head&evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D&pv=5&jsv=es6&dpr=1&hashCommit=a84c6ce2&tfre=1348&w=370&h=1157&tl=150&tlp=1,2,3,4&sz=367x283&szp=1,2,3,4&szl=1;2;3;4&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&ref=&lu=https%3A%2F%2Fbeforeitsnews.com%2F
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/310742.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6b2175c5aa4363d1ef9382b0ed97f310230fa70b376cd0e4a81dec8e1922ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
cf-ray
98a3cdf0ce66ed6c-ADL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
1
servicer.mgid.com/1625435/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1625435/1?nocmp=1&sessionId=68e37e73-1429d&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&cbuster=175973950731950026940&pvid=a321d34c-a1fc-4563-93a1-cc22582f1924&implVersion=17&lct=1759413720&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&wlid=b9247178-23f0-41ab-ae70-3057e9d49635&uniqId=09648&niet=4g&nisd=false&jsp=head&evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D&pv=5&jsv=es6&dpr=1&hashCommit=a84c6ce2&tfre=1348&w=370&h=357&tl=150&tlp=1&sz=367x307&szp=1&szl=1&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&ref=&lu=https%3A%2F%2Fbeforeitsnews.com%2F
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/310742.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd7cad9a71fd067426a0af34b701b9e5fd0c8dbb63c10033d3e4e052e837965a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
cf-ray
98a3cdf0ce67ed6c-ADL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
1
servicer.mgid.com/720415/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/720415/1?nocmp=1&sessionId=68e37e73-1429d&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&cbuster=1759739507324448237564&pvid=a321d34c-a1fc-4563-93a1-cc22582f1924&implVersion=17&lct=1759413720&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&wlid=48c61407-2838-4497-86a7-5e7e6dda980e&uniqId=0273d&niet=4g&nisd=false&jsp=head&evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D&pv=5&jsv=es6&dpr=1&hashCommit=a84c6ce2&tfre=1354&w=370&h=367&tl=150&tlp=1,2&sz=182x327&szp=1,2&szl=1,2&gptbid=1821722&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&ref=&lu=https%3A%2F%2Fbeforeitsnews.com%2F
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/310742.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b6db0b339bbf4ae499b0ef2be8f405bab4eab94afa1a002de8d3d42c6d71b89
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
cf-ray
98a3cdf0de6eed6c-ADL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
anchor
www.google.com/recaptcha/api2/ Frame 8502 		76 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSJMsnAAAAANZYYVYp-X8u-Yf6zH7EgNYLmXGh&co=aHR0cHM6Ly9iZWZvcmVpdHNuZXdzLmNvbTo0NDM.&hl=en&v=Jv8jlA-BQE5JD6rA-h_iqNH2&size=normal&anchor-ms=20000&execute-ms=15000&cb=na6nje77w9fa
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
ESF /
Resource Hash
369641bf5e0171e9fbbe117e509a9c359802f042fd7f99d50482257ea105b284
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-G32CyGOb6x4VEKMrFau2aA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-G32CyGOb6x4VEKMrFau2aA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Oct 2025 08:31:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
middy-desktop-4.49.1155.js
cdn.browsiprod.com/sd/apps/middy/ 		356 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.49.1155.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.51.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-51-50.cgk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38054b1850d306d7e90b644df2aebabcbb41681f0dce93c23bcc034fe64206de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

vary
accept-encoding, Origin
cache-control
public,max-age=31536000
content-encoding
br
x-amz-version-id
7l81DbKEigeEZM8OUC4HOtJPDLN7SKB1
etag
W/"7e6e6736deea16cb7e4573d774134587"
age
79834
via
1.1 529d5b169df066996e42daaa639c401e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Kphuq3uOfimKdLySRySENclyOwuCxFvhcJ5s0BUw7Fk6AFL6EmK3Jw==
date
Sun, 05 Oct 2025 10:21:14 GMT
content-type
application/javascript
last-modified
Sun, 05 Oct 2025 10:18:51 GMT
server
AmazonS3
x-amz-cf-pop
CGK50-P4
x-amz-server-side-encryption
AES256
trace
www.tickcounter.com/cdn-cgi/ Frame A7BA 		306 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.tickcounter.com/cdn-cgi/trace
Requested by
Host: www.tickcounter.com
URL: https://www.tickcounter.com/static/files/js/output.5bea1cc590d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.240 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
758628d78120c8d32e92f92ac71a6a0bae41d750d28ad222f93c516e9e9b7d9d

Request headers

Referer
https://www.tickcounter.com/widget/countdown/5529669
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Accept
text/plain, */*; q=0.01

Response headers

nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
br
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=H8GwJlaTQx4Hb9etRs2dO2S5H%2BFEpB3R6P%2B%2FmNofMXHI7KAU%2BwTMLeE5EbdG2vZ2N%2BNvPNhAWYFNfWGyc6tg25SjOEqu1%2F7I3FXMXLcUIAw%3D"}]}
cf-ray
98a3cdf18f1eec85-ADL
expires
Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin
*
date
Mon, 06 Oct 2025 08:31:47 GMT
if-modified-since
off
content-type
text/plain
vary
accept-encoding
server
cloudflare
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.79.73 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tickcounter.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.tickcounter.com
access-control-max-age
86400
cf-ray
98a3cdf1fe9b55f0-ADL
content-encoding
gzip
content-type
text/plain
date
Mon, 06 Oct 2025 08:31:47 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
rum
cloudflareinsights.com/cdn-cgi/ Frame A7BA 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.79.73 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type
application/json
Referer

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
98a3cdf23eb855f0-ADL
access-control-allow-origin
https://www.tickcounter.com
date
Mon, 06 Oct 2025 08:31:47 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		157 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: entzames.com
URL: https://entzames.com/easylist/12098
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
51592ed51d35392f771ece122f23068ec1ce013fa0a697239be90045a7d95bf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

content-encoding
br
etag
3594519938722005592
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 08:31:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
54200
x-xss-protection
0
server
cafe
advertising.js
rddywd.com/ 		9 B
444 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rddywd.com/advertising.js
Requested by
Host: entzames.com
URL: https://entzames.com/easylist/12098
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.241 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cache-control
public, max-age=86401
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
30626
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=0gt1axt0TnAZ8imFRUbSG1wa5duZntLKJVXo79C5wDFi3Z6bG2ZsnS2zJI9uHztvJy8wQBYWu3zbieNk2SjaKItVIvT9MANd"}]}
cf-ray
98a3cdf1ca1ded73-ADL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
application/javascript, application/javascript
vary
accept-encoding
server
cloudflare
last-modified
Mon, 06 Oct 2025 00:01:20 GMT
adcode.png
rddywd.com/ 		43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rddywd.com/adcode.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.241 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://beforeitsnews.com
Referer
https://beforeitsnews.com/

Response headers

nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
public, max-age=86401
cf-cache-status
HIT
age
76208
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=x9oqcJ2cY9Lz%2BoCql70oopJ6UGCYEYgzfEJT%2FQo1MIxDlqiUUX4pkhM0xvrqCmb1BbeLN109uiVw8qrthxYmRzZvHXgwxbRQ"}]}
cf-ray
98a3cdf1cdafed78-ADL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
43
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
vary
accept-encoding
generate_204
www.googleapis.com/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 06 Oct 2025 08:31:47 GMT
cross-origin-resource-policy
cross-origin
truncated
/ Frame DC45 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0dcae222606cf25659d185a62f2fcd41caf42f6dd3d9dda50eda1f281e304065

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

Content-Type
text/html;charset=UTF-8
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.pgV-E-68K-A.L.W.O/am=AMA/d=0/rs=AN8SPfo2HeflihKMbfgwV84pq3lzEm8ziw/ Frame F8B1 		22 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.pgV-E-68K-A.L.W.O/am=AMA/d=0/rs=AN8SPfo2HeflihKMbfgwV84pq3lzEm8ziw/m=el_main_css
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.fIOWCqQ8WwM.O/am=AAAE/d=1/exm=el_conf/ed=1/rs=AN8SPfolgpmdh1fclye4gZ_KIQacQsfHUg/m=el_main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
fb1bd700eb83832fc2ca14c9fd537e5facad95f3bd15632db0c4b1c5a5bd7e20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

content-encoding
gzip
age
267825
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 06:08:02 GMT
alt-svc
h3=":443"; ma=2592000
date
Fri, 03 Oct 2025 06:08:02 GMT
last-modified
Thu, 22 May 2025 01:09:21 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="rosetta"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges
bytes
access-control-allow-origin
*
content-length
4155
x-xss-protection
0
server
sffe
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

content-encoding
gzip
age
202502
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 04 Oct 2026 00:16:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 04 Oct 2025 00:16:45 GMT
last-modified
Wed, 20 Apr 2022 14:24:23 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
3340
x-xss-protection
0
server
sffe
cleardot.gif
www.google.com/images/ 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/cleardot.gif
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
sffe /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
43
date
Mon, 06 Oct 2025 08:31:47 GMT
x-xss-protection
0
content-type
image/gif
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.pgV-E-68K-A.L.W.O/am=AMA/d=0/rs=AN8SPfo2HeflihKMbfgwV84pq3lzEm8ziw/m=el_main_css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.pgV-E-68K-A.L.W.O/am=AMA/d=0/rs=AN8SPfo2HeflihKMbfgwV84pq3lzEm8ziw/m=el_main_css

Response headers

age
231545
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 16:12:42 GMT
alt-svc
h3=":443"; ma=2592000
date
Fri, 03 Oct 2025 16:12:42 GMT
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
content-type
image/png
vary
Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
1842
x-xss-protection
0
server
sffe
www-player.css
www.youtube.com/s/player/29a37ef6/ Frame ED69 		500 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/29a37ef6/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
13dd54e1acc89e3a21f9685ed0f71925e12e3a1959e4829a1ee0b1836ecfa205
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo

Response headers

content-encoding
br
age
232403
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 15:58:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 15:58:24 GMT
last-modified
Wed, 01 Oct 2025 04:21:37 GMT
content-type
text/css
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
59540
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ED69 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://www.youtube.com
Referer
https://www.youtube.com/

Response headers

age
243913
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 12:46:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 12:46:34 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ED69 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://www.youtube.com
Referer
https://www.youtube.com/

Response headers

age
245167
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 12:25:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 12:25:40 GMT
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15552
x-xss-protection
0
server
sffe
embed.js
www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/ Frame ED69 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
04ba0ca535d50493bf84bc229298c775461f13f340ab3bc00123feba843b195e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo

Response headers

content-encoding
br
age
231535
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 16:12:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 16:12:52 GMT
last-modified
Wed, 01 Oct 2025 04:21:37 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
9434
x-xss-protection
0
server
sffe
www-embed-player.js
www.youtube.com/s/player/29a37ef6/www-embed-player.vflset/ Frame ED69 		383 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/29a37ef6/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
cd1e473c3ee4a897d00c05e9b8b9dfe3a5f5885e0f4a1415432c839ca7e9cd1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo

Response headers

content-encoding
br
age
232881
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 15:50:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 15:50:26 GMT
last-modified
Wed, 01 Oct 2025 04:21:37 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
115890
x-xss-protection
0
server
sffe
base.js
www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/ Frame ED69 		3 MB
679 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
e051003bdd3106782d5ff60809f4e1471d5168ddcb6906d73058c03cfcf4d9bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo

Response headers

content-encoding
br
age
232865
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 15:50:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 15:50:42 GMT
last-modified
Wed, 01 Oct 2025 04:21:37 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
694538
x-xss-protection
0
server
sffe
www-player.css
www.youtube.com/s/player/29a37ef6/ Frame 1BA3 		500 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/29a37ef6/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3HkOiY9OiRo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
13dd54e1acc89e3a21f9685ed0f71925e12e3a1959e4829a1ee0b1836ecfa205
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/3HkOiY9OiRo

Response headers

content-encoding
br
age
232403
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 15:58:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 15:58:24 GMT
last-modified
Wed, 01 Oct 2025 04:21:37 GMT
content-type
text/css
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
59540
x-xss-protection
0
server
sffe
embed.js
www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/ Frame 1BA3 		32 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3HkOiY9OiRo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
04ba0ca535d50493bf84bc229298c775461f13f340ab3bc00123feba843b195e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/3HkOiY9OiRo

Response headers

content-encoding
br
age
231535
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 16:12:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 16:12:52 GMT
last-modified
Wed, 01 Oct 2025 04:21:37 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
9434
x-xss-protection
0
server
sffe
www-embed-player.js
www.youtube.com/s/player/29a37ef6/www-embed-player.vflset/ Frame 1BA3 		383 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/29a37ef6/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3HkOiY9OiRo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
cd1e473c3ee4a897d00c05e9b8b9dfe3a5f5885e0f4a1415432c839ca7e9cd1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/3HkOiY9OiRo

Response headers

content-encoding
br
age
232881
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 15:50:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 15:50:26 GMT
last-modified
Wed, 01 Oct 2025 04:21:37 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
115890
x-xss-protection
0
server
sffe
base.js
www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/ Frame 1BA3 		3 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3HkOiY9OiRo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
e051003bdd3106782d5ff60809f4e1471d5168ddcb6906d73058c03cfcf4d9bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/3HkOiY9OiRo

Response headers

content-encoding
br
age
232865
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 15:50:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 15:50:42 GMT
last-modified
Wed, 01 Oct 2025 04:21:37 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
694538
x-xss-protection
0
server
sffe
www-player.css
www.youtube.com/s/player/29a37ef6/ Frame DE4B 		500 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/29a37ef6/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EXJksnmgE8s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
13dd54e1acc89e3a21f9685ed0f71925e12e3a1959e4829a1ee0b1836ecfa205
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/EXJksnmgE8s

Response headers

content-encoding
br
age
232403
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 15:58:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 15:58:24 GMT
last-modified
Wed, 01 Oct 2025 04:21:37 GMT
content-type
text/css
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
59540
x-xss-protection
0
server
sffe
embed.js
www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/ Frame DE4B 		32 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EXJksnmgE8s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
04ba0ca535d50493bf84bc229298c775461f13f340ab3bc00123feba843b195e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/EXJksnmgE8s

Response headers

content-encoding
br
age
231535
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 16:12:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 16:12:52 GMT
last-modified
Wed, 01 Oct 2025 04:21:37 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
9434
x-xss-protection
0
server
sffe
www-embed-player.js
www.youtube.com/s/player/29a37ef6/www-embed-player.vflset/ Frame DE4B 		383 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/29a37ef6/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EXJksnmgE8s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
cd1e473c3ee4a897d00c05e9b8b9dfe3a5f5885e0f4a1415432c839ca7e9cd1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/EXJksnmgE8s

Response headers

content-encoding
br
age
232881
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 15:50:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 15:50:26 GMT
last-modified
Wed, 01 Oct 2025 04:21:37 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
115890
x-xss-protection
0
server
sffe
base.js
www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/ Frame DE4B 		3 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EXJksnmgE8s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
e051003bdd3106782d5ff60809f4e1471d5168ddcb6906d73058c03cfcf4d9bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/EXJksnmgE8s

Response headers

content-encoding
br
age
232865
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 15:50:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 15:50:42 GMT
last-modified
Wed, 01 Oct 2025 04:21:37 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
694538
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1BA3 		15 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3HkOiY9OiRo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://www.youtube.com
Referer
https://www.youtube.com/

Response headers

age
243913
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 12:46:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 12:46:34 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1BA3 		15 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3HkOiY9OiRo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://www.youtube.com
Referer
https://www.youtube.com/

Response headers

age
245167
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 12:25:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 12:25:40 GMT
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15552
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DE4B 		15 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EXJksnmgE8s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://www.youtube.com
Referer
https://www.youtube.com/

Response headers

age
243913
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 12:46:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 12:46:34 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DE4B 		15 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EXJksnmgE8s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://www.youtube.com
Referer
https://www.youtube.com/

Response headers

age
245167
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 12:25:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 12:25:40 GMT
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15552
x-xss-protection
0
server
sffe
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D8XJ6Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Golfe2 /
Resource Hash
f1a61277e3f902f50ab42015d8b07218db9b7601bb0967e54a52bfdcb4fa7e81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

content-encoding
gzip
age
2754
report-to
{"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 09:45:53 GMT
alt-svc
h3=":443"; ma=2592000
date
Mon, 06 Oct 2025 07:45:53 GMT
last-modified
Tue, 15 Jul 2025 00:44:26 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:225:0
content-length
20737
server
Golfe2
/
c.mgid.com/pv/ 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/pv/?pv_types=ppv&cbuster=1759739507694799302845&pvid=a321d34c-a1fc-4563-93a1-cc22582f1924&implVersion=17&lct=1759413727&site=310742&cid=1625435&i=1&nullid=0&scum=%3F0&scuw=%3F0&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&lu=https%3A%2F%2Fbeforeitsnews.com%2F
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
98a3cdf32884ed6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfeHlfY2VudGVyLHFfYXV0bzpnb29kLHdfMTAyMCx4XzQ1LHlfNDUvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvM...
s-img.mgid.com/g/16261823/492x277/-/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/16261823/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfeHlfY2VudGVyLHFfYXV0bzpnb29kLHdfMTAyMCx4XzQ1LHlfNDUvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvMTAxOTI0LzhmZWM2NmM4MTU4ZjczZGI4YWUzNTE2NjU3ODVjN2QwLnBuZw.webp?v=1759739507-f3qDAVQlbP0A4mTgTa8kct7nlcVMzAV7GBmt2Y-Fj5U
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.198.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d09fc9d72db46b8271af8e8629d4e98868ddbc35c30caa4a737453774ad57c9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://beforeitsnews.com
Referer
https://beforeitsnews.com/

Response headers

x-robots-tag
noindex
cf-cache-status
HIT
age
518803
x-mg-request-uuid
620aff11-5056-4136-8ecf-63967e53eeb7
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
image/webp
last-modified
Tue, 01 Jul 2025 09:06:04 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
immutable, max-age=31536000
cf-ray
98a3cdf36879f3e3-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
27238
server
cloudflare
wr
c.mgid.com/ 		43 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/wr?cid=1625435&h2=s7yZUhxUANwxVK4CmrthwsUVPDwqR777AoPcyDFCggnqUd95bTSEBwmXOMB8XK7TtIuSe0KALFtltKUGbb_PxQ**&nocmp=1&sessionId=68e37e73-1429d&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&cbuster=1759739507698388426138&pvid=a321d34c-a1fc-4563-93a1-cc22582f1924&implVersion=17&lct=1759413720&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&wlid=b9247178-23f0-41ab-ae70-3057e9d49635&uniqId=09648&niet=4g&nisd=false&jsp=head&evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D&pv=5&jsv=es6&dpr=1&hashCommit=a84c6ce2&tfre=1728&w=370&h=357&tl=150&tlp=1&sz=367x307&szp=1&szl=1&advsrcid=6517&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&ref=&lu=https%3A%2F%2Fbeforeitsnews.com%2F
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
98a3cdf3388bed6c-ADL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
43
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
adSrcNoUi.js
video-native.mgid.com/scripts/ 		1 KB
886 B 		Script
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/scripts/adSrcNoUi.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/310742.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.78.30 Sydney, Australia, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
0db75643a6c905d8d9d813015b6ce4b2dfb2b9631d61cbc9ab2e61f6c0380b1b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cache
HIT
content-encoding
gzip
etag
"56d-5b05ee52e311c-gzip"
age
116472
x-content-type-options
nosniff
traceparent
00-e87bd805bc04c2cce87d75d753c8d5ee-702a251e6ca37699-01
expires
Mon, 05 Oct 2026 00:10:36 GMT
date
Mon, 06 Oct 2025 08:31:48 GMT
content-type
application/x-javascript
last-modified
Mon, 28 Sep 2020 12:35:01 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-id-fe
sy4-hw-edge-gc14
cache-control
max-age=290304000, public
x-id
sy4-hw-edge-gc14
accept-ranges
bytes
access-control-allow-origin
*
content-length
481
x-cached-since
2025-10-05T00:10:36+00:00
server
nginx
styles__ltr.css
www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/ Frame 8502 		81 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSJMsnAAAAANZYYVYp-X8u-Yf6zH7EgNYLmXGh&co=aHR0cHM6Ly9iZWZvcmVpdHNuZXdzLmNvbTo0NDM.&hl=en&v=Jv8jlA-BQE5JD6rA-h_iqNH2&size=normal&anchor-ms=20000&execute-ms=15000&cb=na6nje77w9fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
662adc43814a4e800c73cc57c6cabd06482cf9c07000621d276c205d23dbeed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.google.com/

Response headers

content-encoding
gzip
age
231699
report-to
{"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 16:10:08 GMT
alt-svc
h3=":443"; ma=2592000
date
Fri, 03 Oct 2025 16:10:08 GMT
last-modified
Mon, 29 Sep 2025 12:04:53 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs
accept-ranges
bytes
content-length
42483
x-xss-protection
0
server
sffe
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/ Frame 8502 		801 KB
342 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSJMsnAAAAANZYYVYp-X8u-Yf6zH7EgNYLmXGh&co=aHR0cHM6Ly9iZWZvcmVpdHNuZXdzLmNvbTo0NDM.&hl=en&v=Jv8jlA-BQE5JD6rA-h_iqNH2&size=normal&anchor-ms=20000&execute-ms=15000&cb=na6nje77w9fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
6159c42218db471f012088abd52e60fe39e5c1dcf2981ff7d80f38d8bd36a690
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.google.com/

Response headers

content-encoding
gzip
age
231689
report-to
{"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 16:10:18 GMT
alt-svc
h3=":443"; ma=2592000
date
Fri, 03 Oct 2025 16:10:18 GMT
last-modified
Mon, 29 Sep 2025 12:04:53 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs
accept-ranges
bytes
access-control-allow-origin
*
content-length
349597
x-xss-protection
0
server
sffe
aniview.js
player.aniview.com/script/6.1/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/310742.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.179.97 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-46-179-97.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
e2882f56597f3627f6bf5fa28e4d30039f5b98d6ba0e12bbf1236212d436556d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

x-goog-metageneration
2
Access-Control-Expose-Headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
Content-Encoding
gzip
x-goog-hash
crc32c=hym+dA==, md5=aaMr+qKBnIJttFmqsvBDbg==
ETag
"69a32bfaa2819c826db459aab2f0436e"
x-goog-stored-content-encoding
gzip
Expires
Mon, 06 Oct 2025 08:46:48 GMT
Alt-Svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600
x-goog-stored-content-length
16868
Date
Mon, 06 Oct 2025 08:31:48 GMT
Content-Type
text/javascript; charset=UTF-8
Last-Modified
Tue, 30 Sep 2025 05:46:51 GMT
Vary
Accept-Encoding
X-GUploader-UploadID
AAwnv3JHnIbEwEhyYy9yASb4pIle0ff_DH0EphkJNaONVZ-5rGtxeLa1izzIVLi77RTxIFfgqnSExoo
Cache-Control
public, no-transform, max-age=900
x-goog-storage-class
MULTI_REGIONAL
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
x-goog-generation
1759211211244050
Content-Length
16868
Server
UploadServer
track
track1.aniview.com/ 		0
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5ac2203f073ef46a6856c7b0&cid=66476b6442315e17210826fc&e=playerLoaded&cb=1759739507900
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
date
Mon, 06 Oct 2025 08:31:48 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
critical-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
/
c.mgid.com/vs/ 		43 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1625435&e=inview&h=null&o={%22timeOffset%22%3A0%2C%22muidn%22%3A%22p96LFLTSByv1%22%2C%22playerEngine%22%3A%22aniview%22%2C%22adPlayer%22%3A0%2C%22uuid%22%3A%22e5d91855-a28e-11f0-a91e-d404e676c2e0%22%2C%22subId%22%3A0%2C%22sticky%22%3A1%2C%22viewable%22%3A100%2C%22tt%22%3A%22Direct%22%2C%22advsrcid%22%3A6517}&t=0&c=27434&scua=&scub=&scu=&scufvl=&scum=%253F0&scumd=&scup=&scupv=&scufv=&scuw=%253F0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
98a3cdf67bd8ed6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:48 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
id
googleads.g.doubleclick.net/pagead/ Frame DE4B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EXJksnmgE8s
Protocol
H3
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
cd5dce272bfa4e63493507c563446bcdbd0311e0481a6751d0b59c45400b6467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 06 Oct 2025 08:31:48 GMT
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.youtube.com
content-length
120
x-xss-protection
0
server
cafe

Redirect headers

x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 06 Oct 2025 08:31:48 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.youtube.com
content-length
0
x-xss-protection
0
server
cafe
ad_status.js
static.doubleclick.net/instream/ Frame DE4B 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

age
805
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 08:33:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:18:23 GMT
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
content-type
text/javascript
cache-control
public, max-age=900
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
29
x-xss-protection
0
server
sffe
id
googleads.g.doubleclick.net/pagead/ Frame ED69
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo
Protocol
H3
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
d7e0e042a61d6cc75ac3390529e4325175b9c39ce38caa48706df7807fb28740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 06 Oct 2025 08:31:48 GMT
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.youtube.com
content-length
120
x-xss-protection
0
server
cafe

Redirect headers

x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 06 Oct 2025 08:31:48 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.youtube.com
content-length
0
x-xss-protection
0
server
cafe
ad_status.js
static.doubleclick.net/instream/ Frame ED69 		29 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

age
805
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 08:33:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:18:23 GMT
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
content-type
text/javascript
cache-control
public, max-age=900
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
29
x-xss-protection
0
server
sffe
id
googleads.g.doubleclick.net/pagead/ Frame 1BA3
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3HkOiY9OiRo
Protocol
H3
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
c203b376542c8d8a66ca3bbe97839f1a344f5eb14ed3cb530f5ae887124cad56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.youtube.com
content-length
120
x-xss-protection
0
server
cafe

Redirect headers

x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 06 Oct 2025 08:31:48 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.youtube.com
content-length
0
x-xss-protection
0
server
cafe
ad_status.js
static.doubleclick.net/instream/ Frame 1BA3 		29 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

age
805
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 08:33:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:18:23 GMT
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
content-type
text/javascript
cache-control
public, max-age=900
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
29
x-xss-protection
0
server
sffe
webworker.js
www.google.com/recaptcha/api2/ Frame 8502 		0
0
truncated
/ Frame 8502 		31 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e583a64737d75ef361495f197e5bbe163b2abdd6dc9741daef954572f2b1dba8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 8502 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
695685c0a7142eaad299469688415084bb3e6d16fd115de37f5a5bfa41778a38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 8502 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/styles__ltr.css

Response headers

age
244073
report-to
{"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]}
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 12:43:55 GMT
alt-svc
h3=":443"; ma=2592000
date
Fri, 03 Oct 2025 12:43:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
image/png
cache-control
public, max-age=604800
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs
accept-ranges
bytes
content-length
2228
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8502 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSJMsnAAAAANZYYVYp-X8u-Yf6zH7EgNYLmXGh&co=aHR0cHM6Ly9iZWZvcmVpdHNuZXdzLmNvbTo0NDM.&hl=en&v=Jv8jlA-BQE5JD6rA-h_iqNH2&size=normal&anchor-ms=20000&execute-ms=15000&cb=na6nje77w9fa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://www.google.com
Referer
https://www.google.com/

Response headers

age
243914
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 12:46:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 12:46:34 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
remote.js
www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/ Frame DE4B 		121 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
6e8b8be74f2f49fc1920e2889fe3069eac4daa811e00f50d6dc448d48d1bf8e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/EXJksnmgE8s

Response headers

content-encoding
br
age
232642
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 15:54:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 15:54:26 GMT
last-modified
Wed, 01 Oct 2025 04:21:37 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
36483
x-xss-protection
0
server
sffe
YnEnp98faPAqKxg17FeCPtldw-g_I46oOi0clD2XY4k.js
www.google.com/js/th/ Frame DE4B 		57 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/YnEnp98faPAqKxg17FeCPtldw-g_I46oOi0clD2XY4k.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
sffe /
Resource Hash
627127a7df1f68f02a2b1835ec57823ed95dc3e83f238ea83a2d1c943d976389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
br
age
231491
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 16:13:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 16:13:37 GMT
last-modified
Mon, 22 Sep 2025 09:30:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges
bytes
content-length
22077
x-xss-protection
0
server
sffe
sddefault.jpg
i.ytimg.com/vi/EXJksnmgE8s/ Frame DE4B 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/EXJksnmgE8s/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EXJksnmgE8s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.86 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f22.1e100.net
Software
sffe /
Resource Hash
915b36ccb38a5d8bede2e54d8fdef030c36f6128e191fd1673080002673e924f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

etag
"1758939786"
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 10:31:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:31:48 GMT
content-type
image/jpeg
cache-control
public, max-age=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
68133
x-xss-protection
0
server
sffe
truncated
/ Frame DE4B 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
cvahaaQdU02e_wn5tNdfnGtT6u1nHGR5A2gtmGrQe1KoVFKZPsXJwZgkIsGjU67OiO0J96SYkyM=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame DE4B 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/cvahaaQdU02e_wn5tNdfnGtT6u1nHGR5A2gtmGrQe1KoVFKZPsXJwZgkIsGjU67OiO0J96SYkyM=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EXJksnmgE8s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f1.1e100.net
Software
fife /
Resource Hash
59be4047ffd06962e4ac4560a962fdddf43aadafe262804f5ac31f67bf1aca58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
7686
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 06:23:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 06:23:42 GMT
content-disposition
inline;filename="channels4_profile.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
2321
x-xss-protection
0
server
fife
remote.js
www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/ Frame ED69 		121 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
6e8b8be74f2f49fc1920e2889fe3069eac4daa811e00f50d6dc448d48d1bf8e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo

Response headers

content-encoding
br
age
232642
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 15:54:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 15:54:26 GMT
last-modified
Wed, 01 Oct 2025 04:21:37 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
36483
x-xss-protection
0
server
sffe
YnEnp98faPAqKxg17FeCPtldw-g_I46oOi0clD2XY4k.js
www.google.com/js/th/ Frame ED69 		57 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/YnEnp98faPAqKxg17FeCPtldw-g_I46oOi0clD2XY4k.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
sffe /
Resource Hash
627127a7df1f68f02a2b1835ec57823ed95dc3e83f238ea83a2d1c943d976389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
br
age
231491
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 16:13:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 16:13:37 GMT
last-modified
Mon, 22 Sep 2025 09:30:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges
bytes
content-length
22077
x-xss-protection
0
server
sffe
sddefault.jpg
i.ytimg.com/vi/2WMX5JQ2bkA/ Frame ED69 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/2WMX5JQ2bkA/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgSig_MA8=&rs=AOn4CLC_y-V7YlpVxDFnLPhoyvtgfJsD4w
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.86 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f22.1e100.net
Software
sffe /
Resource Hash
b8547962162b6985eb3089918b122551e651e21fcff1e85a316ff140905da327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

etag
"1753915293"
age
811
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 10:18:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:18:17 GMT
content-type
image/jpeg
cache-control
public, max-age=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
53129
x-xss-protection
0
server
sffe
truncated
/ Frame ED69 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
QCtU4J0jbV46wIlACmHqrWB2Nh6mzmnUI7b57NO6xbYa3DBEqP9Xi-e-CJDVMoUgz41x2pHq5A=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame ED69 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/QCtU4J0jbV46wIlACmHqrWB2Nh6mzmnUI7b57NO6xbYa3DBEqP9Xi-e-CJDVMoUgz41x2pHq5A=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f1.1e100.net
Software
fife /
Resource Hash
16ed461dac5223710f57c6c1f66ad718a15b7ac9c4901f75137983cb593fb80c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
5249
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 07:04:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 07:04:19 GMT
content-disposition
inline;filename="channels4_profile.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
5268
x-xss-protection
0
server
fife
remote.js
www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/ Frame 1BA3 		121 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
6e8b8be74f2f49fc1920e2889fe3069eac4daa811e00f50d6dc448d48d1bf8e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/3HkOiY9OiRo

Response headers

content-encoding
br
age
232642
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 15:54:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 15:54:26 GMT
last-modified
Wed, 01 Oct 2025 04:21:37 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
36483
x-xss-protection
0
server
sffe
YnEnp98faPAqKxg17FeCPtldw-g_I46oOi0clD2XY4k.js
www.google.com/js/th/ Frame 1BA3 		57 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/YnEnp98faPAqKxg17FeCPtldw-g_I46oOi0clD2XY4k.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
sffe /
Resource Hash
627127a7df1f68f02a2b1835ec57823ed95dc3e83f238ea83a2d1c943d976389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
br
age
231491
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 16:13:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 16:13:37 GMT
last-modified
Mon, 22 Sep 2025 09:30:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges
bytes
content-length
22077
x-xss-protection
0
server
sffe
sddefault.jpg
i.ytimg.com/vi/3HkOiY9OiRo/ Frame 1BA3 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/3HkOiY9OiRo/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3HkOiY9OiRo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.86 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f22.1e100.net
Software
sffe /
Resource Hash
4750bf53cf1de058f1f39f7c135e4a53e65d0aeed4b53db01be4c04fe7f40b43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

etag
"1758944638"
age
1216
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 10:11:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:11:32 GMT
content-type
image/jpeg
cache-control
public, max-age=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
38062
x-xss-protection
0
server
sffe
truncated
/ Frame 1BA3 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
AIdro_lxNXj-pSV2CB6XVZFutzTEATq5HTy6lP4vlFd0rNmnyw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 1BA3 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AIdro_lxNXj-pSV2CB6XVZFutzTEATq5HTy6lP4vlFd0rNmnyw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3HkOiY9OiRo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f1.1e100.net
Software
fife /
Resource Hash
d017330bb33c1138bf56dc732e0addb17fcf6f7e0a60d2f4b46a12f8dd7dc29c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1c"
age
8147
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 06:16:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 06:16:01 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
4722
x-xss-protection
0
server
fife
collect
www.google-analytics.com/j/ 		15 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j102&a=579479656&t=pageview&_s=1&dl=https%3A%2F%2Fbeforeitsnews.com%2F&ul=en-au&dt=Before%20It%27s%20News%20%7C%20People%20Powered%20News&sr=1600x1200&vp=1600x1200&_u=YEBAAEABAAAAACAAI~&jid=1263024690&gjid=1767849472&cid=1826738370.1759739509&tid=UA-16055024-1&_gid=2050923106.1759739509&_r=1&_slc=1&gtm=45He5a11n815D8XJ6Qv862245780za200zd862245780&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~102015666~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115834636~115834638&z=674837980
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Golfe2 /
Resource Hash
244e78367abd0c19f7f065ea29e6fb5433d63dda554f728d53daec8bea9aab43
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://beforeitsnews.com/

Response headers

report-to
{"group":"ascnsrsgac:211:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:211:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:31:48 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:211:0
access-control-allow-origin
https://beforeitsnews.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:211:0
content-length
15
server
Golfe2
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame DE4B 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
gzip
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 08:31:48 GMT
alt-svc
h3=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:31:48 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="cloudview"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
accept-ranges
bytes
content-length
2007
x-xss-protection
0
server
sffe
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame ED69 		4 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
gzip
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 08:31:48 GMT
alt-svc
h3=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:31:48 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="cloudview"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
accept-ranges
bytes
content-length
2007
x-xss-protection
0
server
sffe
supply
events.browsiprod.com/events/v2/ 		0
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=916d0174-a1a5-43c1-8fa4-2f65aafecb34
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.49.1155.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.77.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-77-25.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://beforeitsnews.com/

Response headers

date
Mon, 06 Oct 2025 08:31:48 GMT
access-control-allow-origin
https://beforeitsnews.com
access-control-allow-credentials
true
abd.js
cdn.browsiprod.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/abd.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.49.1155.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.51.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-51-50.cgk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://beforeitsnews.com
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
rKwk7MJeT07HcAaaVBBDA7s6dDzRWDJ1
etag
W/"bc70a2c30105ea2f98d83f5ad623fc39"
age
11958
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
eyd6nSr4VBQw5JK7gSxOkqC0LZB3hR0UbQZ5OfugOm_dzZYYlQwTpg==
date
Mon, 06 Oct 2025 05:12:32 GMT
content-type
application/javascript
last-modified
Sun, 08 Jul 2018 12:47:26 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
via
1.1 71ea3e8074097a07adf722cf738708f8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
CGK50-P4
server
AmazonS3
web-vitals-4.2.3.js
cdn.browsiprod.com/web-vitals/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/web-vitals/web-vitals-4.2.3.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.49.1155.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.51.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-51-50.cgk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1cf3e6d0ce85a08fee4fd2a90152a1a50e8b829c10003981d8f79da6cc2e874c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

vary
accept-encoding, Origin
content-encoding
gzip
etag
W/"368295c3c1ca25cab006d95cf23bf675"
x-amz-version-id
auY5YQzsiUXHB2pR679xyleBGL_hEO7t
age
51552
via
1.1 529d5b169df066996e42daaa639c401e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
qnrBN1I5khwdEPOdhgHFh9i4PFJo1UH73o8YyB3GldxW-FuKqJzeGA==
date
Sun, 05 Oct 2025 18:12:37 GMT
content-type
application/javascript
last-modified
Mon, 26 Aug 2024 12:35:42 GMT
server
AmazonS3
x-amz-cf-pop
CGK50-P4
x-amz-server-side-encryption
AES256
supply
events.browsiprod.com/events/v2/ 		0
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=916d0174-a1a5-43c1-8fa4-2f65aafecb34
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.49.1155.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.77.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-77-25.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://beforeitsnews.com/

Response headers

date
Mon, 06 Oct 2025 08:31:49 GMT
access-control-allow-origin
https://beforeitsnews.com
access-control-allow-credentials
true
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 1BA3 		4 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
gzip
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 08:31:48 GMT
alt-svc
h3=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:31:48 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="cloudview"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
accept-ranges
bytes
content-length
2007
x-xss-protection
0
server
sffe
generate_204
www.youtube.com/ Frame DE4B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?M5-rUw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EXJksnmgE8s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/EXJksnmgE8s

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 06 Oct 2025 08:31:48 GMT
cross-origin-resource-policy
cross-origin
generate_204
www.youtube.com/ Frame ED69 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?kM4YSg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 06 Oct 2025 08:31:48 GMT
cross-origin-resource-policy
cross-origin
generate_204
www.youtube.com/ Frame 1BA3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?w_EeCw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3HkOiY9OiRo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/3HkOiY9OiRo

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 06 Oct 2025 08:31:48 GMT
cross-origin-resource-policy
cross-origin
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-cache-status
HIT
etag
W/"617c205137825561208ef7c1a2d8f319"
x-amz-version-id
null
age
1274
expires
Tue, 07 Oct 2025 08:31:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
image/svg+xml
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
vary
Accept-Encoding
priority
u=1,i
x-amz-id-2
MOk8JprxYEf86XFfW6gaMV7PDAFH+nfN1y18kUUPHeKJTBLb4OqcZfd8Z+sAuLP+dCRy+MR6JS0=
cache-control
public, max-age=86400
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
x-amz-request-id
B99PEW4Y8WBE0EX0
cf-ray
98a3cdef1ca2ed6c-ADL
access-control-allow-origin
*
server
cloudflare
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-cache-status
HIT
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
x-amz-version-id
null
age
1744
expires
Tue, 07 Oct 2025 08:31:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:47 GMT
content-type
image/svg+xml
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
vary
Accept-Encoding
priority
u=1,i
x-amz-id-2
Aj+MGb8fhzwGobiOfqSi4bEgmKJcctv2bzMy++xe5ESXAt7/2CdlKxXzuAggpNlB4SeXta4vT3I=
cache-control
public, max-age=86400
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
x-amz-request-id
B99P803ZT0F1YF9S
cf-ray
98a3cdef1ca0ed6c-ADL
access-control-allow-origin
*
server
cloudflare
log
play.google.com/ Frame DE4B 		131 B
723 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?hasfast=true&authuser=0&format=json
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.youtube.com/

Response headers

x-frame-options
SAMEORIGIN
cache-control
private
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Mon, 06 Oct 2025 08:31:49 GMT
access-control-allow-origin
https://www.youtube.com
alt-svc
h3=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length
131
date
Mon, 06 Oct 2025 08:31:49 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
js
www.googletagmanager.com/gtag/ 		381 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X6HC1RQLPR&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ec43b39fed1f258fb868488cd4877a654ecac398eaf94ab402cc3e3ee65f9ce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Mon, 06 Oct 2025 08:31:49 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136777
date
Mon, 06 Oct 2025 08:31:49 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
log
play.google.com/ Frame ED69 		131 B
438 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?hasfast=true&authuser=0&format=json
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.youtube.com/

Response headers

x-frame-options
SAMEORIGIN
cache-control
private
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Mon, 06 Oct 2025 08:31:49 GMT
access-control-allow-origin
https://www.youtube.com
alt-svc
h3=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length
131
date
Mon, 06 Oct 2025 08:31:49 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
log
play.google.com/ Frame 1BA3 		131 B
435 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?hasfast=true&authuser=0&format=json
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.youtube.com/

Response headers

x-frame-options
SAMEORIGIN
cache-control
private
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Mon, 06 Oct 2025 08:31:49 GMT
access-control-allow-origin
https://www.youtube.com
alt-svc
h3=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length
131
date
Mon, 06 Oct 2025 08:31:49 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
cast_sender.js
www.gstatic.com/eureka/clank/141/ Frame DE4B 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/141/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
27eafab24d0d0ade3298908eac73e3652dd1a45c02b5f4125eabb37a9fd03b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
gzip
age
70737
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 12:52:51 GMT
alt-svc
h3=":443"; ma=2592000
date
Sun, 05 Oct 2025 12:52:51 GMT
last-modified
Mon, 22 Sep 2025 15:06:28 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
accept-ranges
bytes
content-length
13850
x-xss-protection
0
server
sffe
cast_sender.js
www.gstatic.com/eureka/clank/141/ Frame ED69 		48 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/141/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
27eafab24d0d0ade3298908eac73e3652dd1a45c02b5f4125eabb37a9fd03b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
gzip
age
70737
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 12:52:51 GMT
alt-svc
h3=":443"; ma=2592000
date
Sun, 05 Oct 2025 12:52:51 GMT
last-modified
Mon, 22 Sep 2025 15:06:28 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
accept-ranges
bytes
content-length
13850
x-xss-protection
0
server
sffe
cast_sender.js
www.gstatic.com/eureka/clank/141/ Frame 1BA3 		48 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/141/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
27eafab24d0d0ade3298908eac73e3652dd1a45c02b5f4125eabb37a9fd03b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
gzip
age
70737
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 12:52:51 GMT
alt-svc
h3=":443"; ma=2592000
date
Sun, 05 Oct 2025 12:52:51 GMT
last-modified
Mon, 22 Sep 2025 15:06:28 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
accept-ranges
bytes
content-length
13850
x-xss-protection
0
server
sffe
aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8zOjIsY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC8xMDE5MjQvOWI5N...
s-img.mgid.com/g/16000508/492x328/-/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/16000508/492x328/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8zOjIsY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNC8xMDE5MjQvOWI5NzYxZTIxM2JkYjRiMmViMmY1Y2Y3MDdkNjdlNzguanBn.webp?v=1759739507-zQaA4us_-7jquzCI5IYRf2L4INSb1nbmprq_w0l8jlg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.198.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f936cc718e8903ff823b42b4d1e365b2fc9966966be07891d5d3a8e3b9c7cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://beforeitsnews.com
Referer
https://beforeitsnews.com/

Response headers

x-robots-tag
noindex
cf-cache-status
HIT
x-mg-request-uuid
62b18fb2-eab5-4696-9443-143fd5252d40
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
image/webp
last-modified
Tue, 01 Jul 2025 07:37:50 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
immutable, max-age=31536000
cf-ray
98a3cdfb1998f3e3-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
12358
server
cloudflare
wr
c.mgid.com/ 		43 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/wr?cid=720413&h2=s7yZUhxUANwxVK4CmrthwgG601K7c-ZOwk9lvH8i4EnqUd95bTSEBwmXOMB8XK7Tt-5-8n6bzzm6vQTAvtIlhQ**&cmpreason=wvz&sessionId=68e37e73-1429d&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&cbuster=1759739508958596956240&pvid=a321d34c-a1fc-4563-93a1-cc22582f1924&implVersion=17&lct=1759413720&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&wlid=c1f70777-440c-405a-b9c0-10febd90f86f&uniqId=14695&childs=1809347&niet=4g&nisd=false&jsp=head&evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D&pv=5&jsv=es6&dpr=1&hashCommit=a84c6ce2&tfre=2988&w=370&h=345&tl=150&tlp=1&sz=367x319&szp=1&szl=1&advsrcid=6517&muid=p96LFLTSByv1&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&ref=&lu=https%3A%2F%2Fbeforeitsnews.com%2F
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
98a3cdfb18bded6c-ADL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
43
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cHM6Ly9pbWdob3N0cy5jb20vdC8yMDI1LTA2LzEwMTkyNC9lM...
s-img.mgid.com/g/24239326/492x277/-/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/24239326/492x277/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8xNjo5LGNfZmlsbCxlX3NoYXJwZW46MTAwLGZfanBnLGdfZmFjZXM6YXV0byxxX2F1dG86Z29vZCx3XzEwMjAvaHR0cHM6Ly9pbWdob3N0cy5jb20vdC8yMDI1LTA2LzEwMTkyNC9lMTZlMWJlYzY1YmQ4MDJhMDQzOTAxODE3NmU3NDA4MC5qcGc.webp?v=1759739507-VeB-DJIBceucZ-FZDbzcTgSuYfTejmwcPaDnT90VqGg
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.198.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bfddfae3bf1edcb4f3734f7529f5a4d69647f71d14d982697fb4313d0971814
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://beforeitsnews.com
Referer
https://beforeitsnews.com/

Response headers

x-robots-tag
noindex
cf-cache-status
HIT
age
661882
x-mg-request-uuid
70662765-bd1f-4f7b-b722-14427cbbeb33
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:48 GMT
content-type
image/webp
last-modified
Fri, 25 Jul 2025 08:13:18 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
immutable, max-age=31536000
cf-ray
98a3cdfb19b9f3e3-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
6904
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC80YTk1MWFiN2Y5NDlkYzUzNTlhMDQzOTg0MzllZmMwMi5wbmc.webp
s-img.mgid.com/g/8164926/492x277/0x76x597x336/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164926/492x277/0x76x597x336/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC80YTk1MWFiN2Y5NDlkYzUzNTlhMDQzOTg0MzllZmMwMi5wbmc.webp?v=1759739507-Z1cWs68AJnrlJNxQMqRtkmZUIrY6f3ok8NBKWzj_2fI
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.198.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cc09ff251b83aa46f1a2357491a615dc13b2a080c030d21ed7d49b2d882bd62
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://beforeitsnews.com
Referer
https://beforeitsnews.com/

Response headers

x-robots-tag
noindex
cf-cache-status
HIT
age
659147
x-mg-request-uuid
09d7dbb3-b068-48e3-beba-fec63453ba9e
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:48 GMT
content-type
image/webp
last-modified
Sun, 18 May 2025 02:23:19 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
immutable, max-age=31536000
cf-ray
98a3cdfb19bef3e3-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
13598
server
cloudflare
wr
c.mgid.com/ 		43 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/wr?cid=351459&h2=s7yZUhxUANwxVK4CmrthwsUVPDwqR777AoPcyDFCggm0S7QsOb4TyE5H_wq1CwLYI443-7j0lvgbq9fLMpTV5w**&cmpreason=wvz&sessionId=68e37e73-1429d&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&cbuster=1759739508963933765381&pvid=a321d34c-a1fc-4563-93a1-cc22582f1924&implVersion=17&lct=1759413720&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&wlid=a74d1d0f-fca1-4d20-9aa2-f125469c0de5&childs=1808921&niet=4g&nisd=false&jsp=head&evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D&pv=5&jsv=es6&dpr=1&hashCommit=a84c6ce2&tfre=2993&w=370&h=1157&tl=150&tlp=1,2,3,4&sz=367x283&szp=1,2,3,4&szl=1;2;3;4&advsrcid=6517&muid=p96LpgMuKlv1&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&ref=&lu=https%3A%2F%2Fbeforeitsnews.com%2F
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
98a3cdfb18c2ed6c-ADL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
43
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8zOjIsY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNS8xMDE5MjQvNTFiM...
s-img.mgid.com/g/13054730/480x320/-/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/13054730/480x320/-/aHR0cHM6Ly9jbC5pbWdob3N0cy5jb20vaW1naC9pbWFnZS9mZXRjaC9hcl8zOjIsY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNS8xMDE5MjQvNTFiMmU3MjNlYWRlNTcxNDdjOGQ5OTk3OGQ1YWFjZWYuanBlZw.webp?v=1759739507-_nDePGW2FKD7kb8bZBSDHJO8hBOmDd6o6XOpMBl07Pk
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.198.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56d1c3611aaef480ee2c55e99ccc164fd9fd744a9c0dd035692606b59759be4c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://beforeitsnews.com
Referer
https://beforeitsnews.com/

Response headers

x-robots-tag
noindex
cf-cache-status
HIT
x-mg-request-uuid
468f82e3-bdb1-4077-8690-08d33c5c9b38
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
image/webp
last-modified
Fri, 26 Sep 2025 10:27:21 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
immutable, max-age=31536000
cf-ray
98a3cdfb29c5f3e3-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
21996
server
cloudflare
wr
c.mgid.com/ 		43 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/wr?cid=720415&h2=s7yZUhxUANwxVK4CmrthwgG601K7c-ZOwk9lvH8i4EnqUd95bTSEBwmXOMB8XK7Tt-5-8n6bzzm6vQTAvtIlhQ**&nocmp=1&sessionId=68e37e73-1429d&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&cbuster=1759739508967469177850&pvid=a321d34c-a1fc-4563-93a1-cc22582f1924&implVersion=17&lct=1759413720&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&wlid=48c61407-2838-4497-86a7-5e7e6dda980e&uniqId=0273d&niet=4g&nisd=false&jsp=head&evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D&pv=5&jsv=es6&dpr=1&hashCommit=a84c6ce2&tfre=2997&w=370&h=367&tl=150&tlp=1,2&sz=182x327&szp=1,2&szl=1,2&gptbid=1821722&advsrcid=6517&muid=p96L3f5yqqv1&cxurl=https%3A%2F%2Fbeforeitsnews.com%2F&ref=&lu=https%3A%2F%2Fbeforeitsnews.com%2F
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
98a3cdfb28c4ed6c-ADL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
43
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
bdf1b49eafa6958f810e29652f59bca7.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-01/101924/ 		206 KB
207 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-01/101924/bdf1b49eafa6958f810e29652f59bca7.mp4?v=1759739507-Phe9eP_Uwa9e58T7H5q_ETVvdeTkwbouUD4CXrYm3fI
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.34.73 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ebbc22ef58c328703ff4d227e380aad6bc47b954c67043bd3704a03714bdb82
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://beforeitsnews.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-robots-tag
noindex
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
cf-cache-status
HIT
etag
"698ef71c6c10cfae65673322bb9c8ab7"
age
2098102
x-content-type-options
nosniff
server-timing
cld-akam;mitm=co;dur=188;cpu=79;start=2025-07-06T06:45:06.726Z;desc=miss,rtt;dur=0,content-info;desc="width=680,height=382,abps=63939,fps=6.667,du=3.3,vc=\"h264\",bytes=210999,owidth=916,oheight=488,oabps=211125,ofps=6.667,odu=3.3,ovc=\"h264\",obytes=696714,oformat=\"mp4\",ef=(18,61,65)",cloudinary;dur=73;start=2025-07-06T06:45:06.814Z, cfExtPri
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
video/mp4;codecs=avc1
last-modified
Tue, 14 May 2024 05:56:40 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000, no-transform
timing-allow-origin
*
Content-Range
bytes 0-210998/210999
cf-ray
98a3cdfb5b44ec7f-ADL
access-control-allow-origin
*
Content-Length
210999
server
cloudflare
9f319bb183cc902bcc01b485a4160f45.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2024-08/101924/ 		56 KB
56 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2024-08/101924/9f319bb183cc902bcc01b485a4160f45.mp4?v=1759739507-_j1lnuVQZm6dCcxIZx60W-bJ4tpDWS52pt0_3-Q0Crk
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.34.73 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
421e21a160132af07caa978b125e1a6373d8addd012502a42a657f2f7dc67948
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://beforeitsnews.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-robots-tag
noindex
x-request-id
358b3625275e3460d842d3d8b59c8c9e
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cf-cache-status
HIT
etag
"e01dfa0a1d73cbb374641ef0e70f14e1"
age
2096808
x-content-type-options
nosniff
server-timing
cld-cloudflare;mitm=c;dur=28;start=2025-07-12T18:28:26.482Z;desc=hit,content-info;desc="width=680,height=382,abps=11432,fps=30.0,du=5.0,vc="h264",bytes=57158,owidth=960,oheight=540,oabps=93421,ofps=30.0,odu=5.0,ovc="h264",obytes=467104,oformat="mp4",ef=(18,61,65);", cfExtPri
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
video/mp4;codecs=avc1
last-modified
Thu, 01 Aug 2024 19:26:18 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000, no-transform
timing-allow-origin
*
Content-Range
bytes 0-57157/57158
cf-ray
98a3cdfb5b45ec7f-ADL
access-control-allow-origin
*
Content-Length
57158
server
cloudflare
http%3A%2F%2Fimghosts.com%2Ft%2F2022-05%2F101924%2Fc7143a1c2008731dda143395ac680226.gif
cl.imghosts.com/imgh/image/fetch/ar_3:2,c_fill,f_mp4,fl_lossy,g_faces:auto,w_960/ 		183 KB
184 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cl.imghosts.com/imgh/image/fetch/ar_3:2,c_fill,f_mp4,fl_lossy,g_faces:auto,w_960/http%3A%2F%2Fimghosts.com%2Ft%2F2022-05%2F101924%2Fc7143a1c2008731dda143395ac680226.gif?v=1759739507-QXwUR-1UpI2FEf4JjcDQ8ap0qBYxxiE4_-PS52eZoBA
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.34.73 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fad249d0b52fc91fc75f57e66e28324543786caf7f91f58f464495e245512670
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://beforeitsnews.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-robots-tag
noindex
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cf-cache-status
HIT
etag
"f83d747064d42a45c72f887c9cc94c2c"
age
230724
x-content-type-options
nosniff
server-timing
cld-cloudflare;mitm=c;dur=131;start=2025-08-26T05:40:42.518Z;desc=miss,content-info;desc="width=960,height=640,du=1.15,bytes=187697,fr=23,abps=163215,vc="h264",fps=20.0,obytes=2596886,ef=(3,17,23,30);";cloudinary;dur=105;start=2025-08-26T05:40:42.542Z, cfExtPri
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
video/mp4
last-modified
Mon, 13 May 2024 02:02:05 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000, no-transform
timing-allow-origin
*
Content-Range
bytes 0-187696/187697
cf-ray
98a3cdfb5b46ec7f-ADL
access-control-allow-origin
*
Content-Length
187697
server
cloudflare
i.js
cm.mgid.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?muid=p96LFLTSByv1&cbuster=1759739508993779208165
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/310742.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc99cedcdb1e5781e4ea12137e07dce3da5b6f6eba8e172031821b9be4b9b5c2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
98a3cdfb58eded6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
id5-api.js
cdn.id5-sync.com/api/1.0/ 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/310742.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.169.55 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85923d2029e9bfdd417506872899d7e494162b5ca2133c6a9014720cdec0747b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

x-amz-id-2
EUU+fXIm/laS0Wyrzg8KwZSMvNKKsHK90JHNohoKhBkq7vTpyuYnk/PYSwccSIDEWPT0fq6iQ3ACYZUA4QmQAlkcwGfMTgppYwy68mboOOM=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"60a50bc73c3764300939d11a7b938567"
age
3411
x-amz-request-id
BRJ5JN0D0CZFZB5J
cf-ray
98a3cdfbbc2e979c-ADL
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 01 Oct 2025 09:17:22 GMT
vary
accept-encoding
server
cloudflare
x-amz-server-side-encryption
AES256
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
age
373
expires
Wed, 05 Nov 2025 08:31:49 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
text/css
vary
Accept-Encoding
priority
u=0,i=?0
access-control-allow-headers
OneSignal-Subscription-Id
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=2592000
via
1.1 google
cf-ray
98a3cdfb6a9155f0-ADL
server
cloudflare
gpt-log
c.mgid.com/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/gpt-log?event=no_load_gpt_ssp&height=5346&widget=720415&rid=e5da6c8b-a28e-11f0-a91e-d404e676c2e0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
98a3cdfbe96bed6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:49 GMT
server
cloudflare
priority
u=3,i
bframe
www.google.com/recaptcha/api2/ Frame E915 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=Jv8jlA-BQE5JD6rA-h_iqNH2&k=6LeSJMsnAAAAANZYYVYp-X8u-Yf6zH7EgNYLmXGh&bft=0dAFcWeA4bRNp99Geww5aS6C-WaSIyUq14bTCaveEXXxCL20DUxT8rxT9xkSWor9KhXPe5MNesTyYQzWbePG7IJNsq__ycD5YNAg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
ESF /
Resource Hash
030e646d59c6c490dcb769b6ab6048c86dba224a5bc313997ae510c021316155
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-d2YT55wZ3ZcMKUSPOr1KiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-d2YT55wZ3ZcMKUSPOr1KiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Oct 2025 08:31:49 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
icon
onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/ 		44 B
757 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/8227a7ab-148a-4916-95eb-5258942079c4/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

x-request-id
384cab96-eb1b-4bc6-9a0b-5cb8b3a9bb46
cf-cache-status
REVALIDATED
etag
W/"e51140cdcd044ad76335646936ec5319"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
application/json; charset=utf-8
vary
Accept, Origin, Accept-Encoding
x-runtime
0.013924
priority
u=1,i
access-control-allow-headers
SDK-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
98a3cdfc7fc7ec86-ADL
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
44
x-xss-protection
1; mode=block
server
cloudflare
AVmanager.js
player.aniview.com/script/6.1/ Frame E6DA 		568 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.46.179.97 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-46-179-97.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
b89a194be793053124c18d4ecb81a272fa78970f540d60e4c814da741c3ee864

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=30sR4w==, md5=wYBgbP+0S1sXNpCRASBhaw==
etag
"c180606cffb44b5b173690910120616b"
x-goog-stored-content-encoding
gzip
expires
Mon, 06 Oct 2025 08:46:49 GMT
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600
x-goog-stored-content-length
170712
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 30 Sep 2025 05:46:51 GMT
vary
Accept-Encoding
x-guploader-uploadid
AAwnv3IzFdlsDqE9Tz1OVq5eMBAM6mTTiYoy5MEQ9-FYPUN7NCWxxd8zKA3vpaQOWm_FED2Q
cache-control
public, no-transform, max-age=900
x-goog-storage-class
MULTI_REGIONAL
quic-version
0x00000001
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1759211211457785
content-length
170712
server
UploadServer
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1BA3 		98 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f10.1e100.net
Software
ESF /
Resource Hash
41fb92d7fbe3c3cb4ca533fcd891af162afaf2e984155ddef8e0d4e16ef6d0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type
application/json+protobuf

Response headers

access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46217
date
Mon, 06 Oct 2025 08:31:49 GMT
x-xss-protection
0
content-type
application/json+protobuf; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 06 Oct 2025 08:31:49 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
usync.html
eus.rubiconproject.com/ Frame 5EC0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=p96LFLTSByv1&cbuster=1759739508993779208165
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.225.135 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-225-135.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Mon, 06 Oct 2025 08:31:49 GMT
etag
"10d-63d602600b800-gzip"
last-modified
Wed, 27 Aug 2025 22:17:04 GMT
server
Apache/2.4.65 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 06 Oct 2025 08:31:49 GMT
location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame FC51 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=p96LFLTSByv1&cbuster=1759739508993779208165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
75f857f17b2b9c4d61385cd7a8ba7113749f1e1fba8a96d026d140f2d1722355
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
br
content-length
1539
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
/
onetag-sys.com/match/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0FCRTYwQkUtNzFFNC00QTI3LUIwRjAtMTEwNjgwOTJCOEE4&gdpr=0&gdpr_consent=&google_cm
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEELfR4kihAw5gxtvAaUC4y8&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENrthwBPhd_hknTPn-MzMx4&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://onetag-sys.com/match/?gdpr=0&gdpr_consent=&int_id=114&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?gdpr=0&gdpr_consent=&int_id=114&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security
max-age=16070400; includeSubDomains
location
https://onetag-sys.com/match/?gdpr=0&gdpr_consent=&int_id=114&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
137
date
Mon, 06 Oct 2025 08:31:51 GMT
content-type
text/html; charset=utf-8
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=f1bb9441-86b6-4c22-bc2c-76ae2da8993a
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=f1bb9441-86b6-4c22-bc2c-76ae2da8993a
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
98a3ce068c56ed6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 06 Oct 2025 08:31:51 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//cm.mgid.com/m?cdsp=287839&c=f1bb9441-86b6-4c22-bc2c-76ae2da8993a
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:31:50 GMT
712056.gif
id.rlcdn.com/ 		42 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/712056.gif?
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
image/gif
m
cm.mgid.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=665953&c=aa3c3ad3-f5cd-409c-b7c1-06fcba9bd4f9
43 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=665953&c=aa3c3ad3-f5cd-409c-b7c1-06fcba9bd4f9
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
98a3ce008e7aed6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 06 Oct 2025 08:31:50 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

access-control-allow-origin
*
location
https://cm.mgid.com/m?cdsp=665953&c=aa3c3ad3-f5cd-409c-b7c1-06fcba9bd4f9
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
text/plain
server
elb
m
cm.mgid.com/
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=155&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834126%26c%3D%5Bsas_sync_pid%5D%26nwid%3D4577
  • https://cm.mgid.com/m?cdsp=834126&c=7351158019067125747&nwid=4577
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=834126&c=7351158019067125747&nwid=4577
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
98a3ce00cea9ed6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 06 Oct 2025 08:31:50 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

cache-control
no-cache,no-store
location
https://cm.mgid.com/m?cdsp=834126&c=7351158019067125747&nwid=4577
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Mon, 06 Oct 2025 08:31:49 GMT
pragma
no-cache
m
cm.mgid.com/
Redirect Chain
  • https://sync.adkernel.com/user-sync?zone=219216&t=image&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834154%26c%3D%7BUID%7D
  • https://ads.betweendigital.com/match?bidder_id=45708&callback_url=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D219216%26dsp%3D679288%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=45708&callback_url=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D219216%26dsp%3D679288%26t%3Dimage%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=-2859182635338343684
  • https://sync.adkernel.com/user-sync?zone=219216&dsp=679288&t=image&uid=b58191c7-a671-5417-ac31-6353c4d21d25
  • https://cm.mgid.com/m?cdsp=834154&c=A9142867819497020259
43 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=834154&c=A9142867819497020259
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
98a3ce088ec6ed6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 06 Oct 2025 08:31:51 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

Cache-Control
no-store
Location
https://cm.mgid.com/m?cdsp=834154&c=A9142867819497020259
Content-Length
0
Date
Mon, 06 Oct 2025 08:31:51 GMT
Server
nginx
Connection
close
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=
  • https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=V7azTYtfDfN9wDoHOQxAFqB1y4kyLuNXKovm6skahdY&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
43 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=V7azTYtfDfN9wDoHOQxAFqB1y4kyLuNXKovm6skahdY&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
98a3ce089ed2ed6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 06 Oct 2025 08:31:51 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
location
https://cm.mgid.com/m?cdsp=501037&c=V7azTYtfDfN9wDoHOQxAFqB1y4kyLuNXKovm6skahdY&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
content-length
0
date
Mon, 06 Oct 2025 08:31:50 GMT
pragma
no-cache
vary
Accept-Encoding
m
cm.mgid.com/
Redirect Chain
  • https://cm.rtbsystem.com/mgid?c=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=&cd=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D556372%26c%3D%24%7BUSER%7D
  • https://cm.mgid.com/m?cdsp=556372&c=ec0d339d-047a-5571-aa0b-c3f152293bf0
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=556372&c=ec0d339d-047a-5571-aa0b-c3f152293bf0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
98a3cdfecc58ed6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
location
https://cm.mgid.com/m?cdsp=556372&c=ec0d339d-047a-5571-aa0b-c3f152293bf0
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=QYPO%2BqYkJVMvo0847TizST71q87SdLbBMcBAaBYzTY9q8OfQvn%2FjpGzY6ewyr%2BK1aoD93LKSwoUu%2B9cGGJEcqCLMpOMQvqObowOF6veA"}]}
x-content-type-options
nosniff
cf-ray
98a3cdfcefd3ed72-ADL
alt-svc
h3=":443"; ma=86400
content-length
43
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
image/gif
server
cloudflare
sync
pippio.com/api/
Redirect Chain
  • https://idsync.rlcdn.com/712107.gif?partner_uid=p96LtZgPtkv1&
  • https://idsync.rlcdn.com/1000.gif?memo=CKu7KxIYChQIARDDoQoaDHA5Nkx0WmdQdGt2MRAAGg0I9fyNxwYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=14435759fa97744b70d45a3166cc9674b99f170900432a6402dd6fdfb54a1bcd791426b5417dce21&_=2
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=5324&it=1&iv=14435759fa97744b70d45a3166cc9674b99f170900432a6402dd6fdfb54a1bcd791426b5417dce21&_=2
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Server
107.178.254.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Mon, 06 Oct 2025 08:31:50 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store
timing-allow-origin
*
location
https://pippio.com/api/sync?pid=5324&it=1&iv=14435759fa97744b70d45a3166cc9674b99f170900432a6402dd6fdfb54a1bcd791426b5417dce21&_=2
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Mon, 06 Oct 2025 08:31:49 GMT
m
cm.mgid.com/
Redirect Chain
  • https://match.360yield.com/match?external_user_id=p96LtZgPtkv1&publisher_dsp_id=489&dsp_callback=1&&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834124%26c%3D%7BPUB_USER_ID%7D
  • https://match.360yield.com/ul_cb/match?external_user_id=p96LtZgPtkv1&publisher_dsp_id=489&dsp_callback=1&&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834124%26c%3D%7BPUB_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=834124&c=288cdc37-9226-4df9-8657-f69dcdb6ffcc
43 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=834124&c=288cdc37-9226-4df9-8657-f69dcdb6ffcc
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
98a3ce01af8aed6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 06 Oct 2025 08:31:50 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

access-control-allow-origin
*
location
https://cm.mgid.com/m?cdsp=834124&c=288cdc37-9226-4df9-8657-f69dcdb6ffcc
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
text/plain
server
elb
m
cm.mgid.com/
Redirect Chain
  • https://visitor-mgid.omnitagjs.com/visitor/bsync?uid=98ca793505bd269c5f409678d39eb6e5&name=mgid&url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834135%26c%3D%5BBUYER_ID%5D
  • https://cm.mgid.com/m?cdsp=834135&c=668353ff54d41da8e4176c1e58e5363e
43 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=834135&c=668353ff54d41da8e4176c1e58e5363e
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
98a3ce061bf9ed6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 06 Oct 2025 08:31:50 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

location
https://cm.mgid.com/m?cdsp=834135&c=668353ff54d41da8e4176c1e58e5363e
x-kong-request-id
e5215031476d2b24a9f9c72763ad5d48
via
1.1 kong/3.9.1
x-kong-upstream-latency
1
x-kong-proxy-latency
0
content-length
0
p3p
CP="CAO PSA OUR"
date
Mon, 06 Oct 2025 08:31:50 GMT
content-type
text/html; charset=UTF-8
server
fasthttp
m
cm.mgid.com/
Redirect Chain
  • https://cm.idealmedia.io/i.gif?muidf=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m...
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D3ABE60BE-71E4-4A27-B0F0-11068092B8A8
  • https://cm.mgid.com/m?cdsp=712807&c=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
43 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=712807&c=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
98a3ce088ecbed6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 06 Oct 2025 08:31:51 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-store, no-cache, private
location
https://cm.mgid.com/m?cdsp=712807&c=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 06 Oct 2025 08:31:51 GMT
server
nginx
m
cm.mgid.com/
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=1jfI3wDKNj&consentString=[consentString]&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834139%26c%3D%5BPDID%5D
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=1jfI3wDKNj&consentString=[consentString]&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834139%26c%3D%5BPDID%5D&rd=1
  • https://cm.mgid.com/m?cdsp=834139&c=2c589af1-0c32-42da-b8d9-1zz1759739485
43 B
560 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=834139&c=2c589af1-0c32-42da-b8d9-1zz1759739485
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
98a3ce0c6a23ed6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 06 Oct 2025 08:31:51 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

location
https://cm.mgid.com/m?cdsp=834139&c=2c589af1-0c32-42da-b8d9-1zz1759739485
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Mon, 06 Oct 2025 08:31:25 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.1.30
server
nginx/1.14.1
m
cm.mgid.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.mgid.com/m?cdsp=834104&c=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834104%26c%3D%24UID
  • https://cm.mgid.com/m?cdsp=834104&c=4252718363418789094
43 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=834104&c=4252718363418789094
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
98a3ce0cea92ed6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 06 Oct 2025 08:31:52 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

cache-control
no-store, no-cache, private
location
https://cm.mgid.com/m?cdsp=834104&c=4252718363418789094
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
103.25.57.133; 103.25.57.133; 1027.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
39f291f9-c385-4372-9919-4eb13bf12c94
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 06 Oct 2025 08:31:51 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=cDk2THRaZ1B0a3Yx&muidn=p96LtZgPtkv1&gdpr=0&gdpr_consent=
  • https://cm.mgid.com/google?muidn=p96LtZgPtkv1&gdpr=0&gdpr_consent=&google_ula={guid},5&google_gid=CAESEN74Jv_138RFjYtfrOrWDTs&google_cver=1
0
0
m
cm.mgid.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F1689%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D472e56d9-7f44-...
  • https://rtb.openx.net/sync/prebid?gdpr=0&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F1689%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D472e56d9-7f44-409b-9a75-c6212aa...
  • https://prebid.a-mo.net/cchain/0/1689?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=472e56d9-7f44-409b-9a75-c6212aa7bf54&bidder=openx&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=74e...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F1689%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%...
  • https://prebid.a-mo.net/cchain/1/1689?A=472e56d9-7f44-409b-9a75-c6212aa7bf54&bidder=pubmatic&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&uid=&us_privacy=...
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F1689%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D472e56d9-7f44-409b-9a75-c...
  • https://prebid.a-mo.net/cchain/4/1689?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=472e56d9-7f44-409b-9a75-c6212aa7bf54&bidder=amx_com&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=4...
  • https://ads.yieldmo.com/pbsync?is=adptmx&gdpr=0&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F1689%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%...
  • https://prebid.a-mo.net/cchain/5/1689?gpp=&gdpr_consent=&gpp_sid=&A=472e56d9-7f44-409b-9a75-c6212aa7bf54&bidder=yieldmo&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=xeh3tmm2z3mFFLwlFRyv...
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F1689%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D1---%26A%3D472e...
  • https://prebid.a-mo.net/cchain/7/1689?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=1---&A=472e56d9-7f44-409b-9a75-c6212aa7bf54&bidder=adform&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&ui...
  • https://cm.mgid.com/m?cdsp=779131&c=472e56d9-7f44-409b-9a75-c6212aa7bf54&us_privacy=1---&gdpr=0
43 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=779131&c=472e56d9-7f44-409b-9a75-c6212aa7bf54&us_privacy=1---&gdpr=0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
98a3ce21fd52ed6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 06 Oct 2025 08:31:55 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

cache-control
max-age=0, private, must-revalidate
location
https://cm.mgid.com/m?cdsp=779131&c=472e56d9-7f44-409b-9a75-c6212aa7bf54&us_privacy=1---&gdpr=0
content-length
0
date
Mon, 06 Oct 2025 08:31:54 GMT
x-envoy-upstream-service-time
1
vary
accept-encoding
server
envoy
m
cm.mgid.com/
Redirect Chain
  • https://b1sync.zemanta.com/usersync/mgid/?puid=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834142%26c%3D%7Buser_id%7D
  • https://b1sync.outbrain.com/usersync/mgid/?cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834142%26c%3D%7Buser_id%7D&gdpr=0&gdpr_consent=&puid=p96LtZgPtkv1&s=2&us_privacy=
  • https://b1sync.zemanta.com/usersync/mgid/?cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834142%26c%3D%7Buser_id%7D&gdpr=0&gdpr_consent=&obuid=701551d4-68d4-4860-bcec-b83510c4d54e&puid=p96LtZgPtkv1&s=2&...
  • https://cm.mgid.com/m?cdsp=834142&c={user_id}&gdpr=0
43 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=834142&c={user_id}&gdpr=0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
98a3ce175be9ed6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 06 Oct 2025 08:31:53 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
location
https://cm.mgid.com/m?cdsp=834142&c={user_id}&gdpr=0
pragma
no-cache
expires
Thu, 01 Dec 1994 16:00:00 GMT
p3p
CP="We do not support P3P header."
content-length
83
date
Mon, 06 Oct 2025 08:31:53 GMT
content-type
text/html; charset=utf-8
styles__ltr.css
www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/ Frame E915 		81 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Jv8jlA-BQE5JD6rA-h_iqNH2&k=6LeSJMsnAAAAANZYYVYp-X8u-Yf6zH7EgNYLmXGh&bft=0dAFcWeA4bRNp99Geww5aS6C-WaSIyUq14bTCaveEXXxCL20DUxT8rxT9xkSWor9KhXPe5MNesTyYQzWbePG7IJNsq__ycD5YNAg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
662adc43814a4e800c73cc57c6cabd06482cf9c07000621d276c205d23dbeed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.google.com/

Response headers

content-encoding
gzip
age
231699
report-to
{"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 16:10:08 GMT
alt-svc
h3=":443"; ma=2592000
date
Fri, 03 Oct 2025 16:10:08 GMT
last-modified
Mon, 29 Sep 2025 12:04:53 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs
accept-ranges
bytes
content-length
42483
x-xss-protection
0
server
sffe
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/ Frame E915 		801 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Jv8jlA-BQE5JD6rA-h_iqNH2&k=6LeSJMsnAAAAANZYYVYp-X8u-Yf6zH7EgNYLmXGh&bft=0dAFcWeA4bRNp99Geww5aS6C-WaSIyUq14bTCaveEXXxCL20DUxT8rxT9xkSWor9KhXPe5MNesTyYQzWbePG7IJNsq__ycD5YNAg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
6159c42218db471f012088abd52e60fe39e5c1dcf2981ff7d80f38d8bd36a690
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://www.google.com/

Response headers

content-encoding
gzip
age
231689
report-to
{"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 16:10:18 GMT
alt-svc
h3=":443"; ma=2592000
date
Fri, 03 Oct 2025 16:10:18 GMT
last-modified
Mon, 29 Sep 2025 12:04:53 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs
accept-ranges
bytes
access-control-allow-origin
*
content-length
349597
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E915 		15 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Jv8jlA-BQE5JD6rA-h_iqNH2&k=6LeSJMsnAAAAANZYYVYp-X8u-Yf6zH7EgNYLmXGh&bft=0dAFcWeA4bRNp99Geww5aS6C-WaSIyUq14bTCaveEXXxCL20DUxT8rxT9xkSWor9KhXPe5MNesTyYQzWbePG7IJNsq__ycD5YNAg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://www.google.com
Referer
https://www.google.com/

Response headers

age
243914
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 03 Oct 2026 12:46:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Oct 2025 12:46:34 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
register-conversion
www.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://analytics.google.com/g/collect?v=2&tid=G-X6HC1RQLPR&gtm=45je5a11h1v9134588528za200&_p=1759739506608&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&ul=en-au&sr=1600x1200&cid=1826738370.1759739509&uaa=&...
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1826738370.1759739509&dbk=6527909806820550443&dma=0&en=page_view&gtm=45je5a11h1v9134588528za200&npa=0&tid=G-X6HC1RQLPR&...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1826738370.1759739509&dbk=6527909806820550443&dma=0&en=page_view&gtm=45je5a11h1v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl=https%3A%2F%2Fbeforeitsnews.com%3F
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsgnc:90:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgnc:90:0
content-length
0
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
text/plain
server
Golfe2

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1826738370.1759739509&dbk=6527909806820550443&dma=0&en=page_view&gtm=45je5a11h1v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl=https%3A%2F%2Fbeforeitsnews.com%3F
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsggc:158:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:158:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:158:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:158:0
content-length
463
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
text/html; charset=UTF-8
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
549 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X6HC1RQLPR&cid=1826738370.1759739509&gtm=45je5a11h1v9134588528za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115497442~115834636~115834638
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6HC1RQLPR&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:127:0
report-to
{"group":"ascnsrsggc:127:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:127:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://beforeitsnews.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:127:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:31:51 GMT
content-type
text/plain
server
Golfe2
register-conversion
www.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://analytics.google.com/g/collect?v=2&tid=G-X6HC1RQLPR&gtm=45je5a11h1v9134588528za200&_p=1759739506608&gcd=13l3l3l3l2l1&npa=0&dma=0&ul=en-au&sr=1600x1200&cid=1826738370.1759739509&uaa=&uab=&ua...
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1826738370.1759739509&dbk=6355778885062274521&dma=0&en=page_view&gtm=45je5a11h1v9134588528za200&npa=0&tid=G-X6HC1RQLPR&...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1826738370.1759739509&dbk=6355778885062274521&dma=0&en=page_view&gtm=45je5a11h1v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl=https%3A%2F%2Fbeforeitsnews.com%3F
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsgnc:90:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgnc:90:0
content-length
0
date
Mon, 06 Oct 2025 08:31:50 GMT
content-type
text/plain
server
Golfe2

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1826738370.1759739509&dbk=6355778885062274521&dma=0&en=page_view&gtm=45je5a11h1v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl=https%3A%2F%2Fbeforeitsnews.com%3F
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsggc:158:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:158:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:158:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:158:0
content-length
463
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
text/html; charset=UTF-8
server
Golfe2
register-conversion
www.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://analytics.google.com/g/collect?v=2&tid=G-X6HC1RQLPR&gtm=45je5a11h1v9134588528za200&_p=1759739506608&gcd=13l3l3l3l2l1&npa=0&dma=0&ul=en-au&sr=1600x1200&cid=1826738370.1759739509&uaa=&uab=&ua...
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1826738370.1759739509&dbk=13975764842682739195&dma=0&en=page_view&gtm=45je5a11h1v9134588528za200&npa=0&tid=G-X6HC1RQLPR...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1826738370.1759739509&dbk=13975764842682739195&dma=0&en=page_view&gtm=45je5a11h1v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl=https%3A%2F%2Fbeforeitsnews.com%3F
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsgnc:90:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgnc:90:0
content-length
0
date
Mon, 06 Oct 2025 08:31:50 GMT
content-type
text/plain
server
Golfe2

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1826738370.1759739509&dbk=13975764842682739195&dma=0&en=page_view&gtm=45je5a11h1v9134588528za200&npa=0&tid=G-X6HC1RQLPR&dl=https%3A%2F%2Fbeforeitsnews.com%3F
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsggc:158:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:158:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:158:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:158:0
content-length
464
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
text/html; charset=UTF-8
server
Golfe2
ga-audiences
www.google.com.au/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X6HC1RQLPR&cid=1826738370.1759739509&gtm=45je5a11h1v9134588528za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115497442~115834636~115834638&tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115497442~115834636~115834638&z=2118277196
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 06 Oct 2025 08:31:51 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ 		325 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
/
go1.aniview.com/api/adserver/tag/ 		84 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=desktop&AV_CUSTOM1=p96LtZgPtkv1&AV_CDIM2=0&AV_CDIM3=outstream&AV_CDIM4=1625435&AV_CDIM5=e5d91855-a28e-11f0-a91e-d404e676c2e0&AV_CDIM6=17&AV_CDIM13=6517&AV_CDIM9=%7C350320&AV_CDIM10=%7C350320&AV_CDIM11=%7C350320&AV_CDIM12=%7C350320&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fbeforeitsnews.com%2F&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&AV_CHANNELID=66476b6442315e17210826fc&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=beforeitsnews.com&AV_DADPOS=1&AV_GPID=%2F5ac2203f073ef46a6856c7b0%2F66476b6442315e17210826fc%2Fbeforeitsnews.com&d36=6.3.112&responsive=1&sver=7&avtoken=509569&omv=1.0.1&clsid=5a7ab569-cd66-4ddd-8eeb-091e3320345b&rando=62&rando1=3&rando2=94&scnt=1&AV_WIDTH=501&AV_HEIGHT=281&AV_DNT=0&cb=1759739509572&wfc=1&popt=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.81 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
17e70a36bb8174fe84d00e5a04472f9d7ea921d742181d79ca5e8cdf46403d9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
1728000
content-encoding
gzip
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
critical-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
expires
Wed, 24 Sep 2025 18:45:10 GMT
alt-svc
h3=":443";ma=60;
date
Mon, 06 Oct 2025 08:31:50 GMT
x-bamboo-c-s
BYPASS
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
x-bamboo-c-skst
1
cache-control
no-cache
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-skfe
1
access-control-allow-credentials
true
access-control-allow-origin
https://beforeitsnews.com
track
track1.aniview.com/ 		0
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=beforeitsnews.com&sn=&cd1=desktop&cd2=0&cd3=outstream&cd4=1625435&cd5=e5d91855-a28e-11f0-a91e-d404e676c2e0&cd6=17&cd9=%7C350320&cd10=%7C350320&cd11=%7C350320&cd12=%7C350320&cd13=6517&ic=0&tgt=0&app=&wi=501&he=281&test=&d36=6.3.112&apppkg=&fv=1&proto=https&clsid=5a7ab569-cd66-4ddd-8eeb-091e3320345b&rando=62&rando1=3&rando2=94&scnt=1&pid=5ac2203f073ef46a6856c7b0&cid=66476b6442315e17210826fc&stagid=&stplid=&e=inventory&vi=100&plt=4&cb=1759739509571
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
date
Mon, 06 Oct 2025 08:31:49 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
critical-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
/
c.mgid.com/vs/ 		43 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1625435&e=adinventory&h=null&o={%22timeOffset%22%3A0%2C%22muidn%22%3A%22p96LFLTSByv1%22%2C%22playerEngine%22%3A%22aniview%22%2C%22adPlayer%22%3A0%2C%22uuid%22%3A%22e5d91855-a28e-11f0-a91e-d404e676c2e0%22%2C%22subId%22%3A0%2C%22sticky%22%3A1%2C%22viewable%22%3A100%2C%22tt%22%3A%22Direct%22%2C%22advsrcid%22%3A6517}&t=0&c=23809&scua=&scub=&scu=&scufvl=&scum=%253F0&scumd=&scup=&scupv=&scufv=&scuw=%253F0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.200.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
98a3cdff1cbded6c-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
top-logo.png
beforeitsnews.com/img/v3/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beforeitsnews.com/img/v3/top-logo.png
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.76 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca601ccb4b804e78f547d0451200b8cf3f9ac3a88b11ff0fff17b1432226915

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-max-age
3628800
x-accel-buffering
yes
cf-cache-status
HIT
etag
"5fe55cb2-8ab"
age
211602
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=oSlzCopdh7A2YZv63qEHV1SdLXkhn6XHg%2F%2F2729Xvsfe9FvH9miM%2Bx96r14CTyjkz5%2B%2Bd5pBCjjztJNDwYSGQUaya8rAPTHRjq6g%2BUUm7Q%3D%3D"}]}
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
expires
Thu, 24 Sep 2026 15:36:16 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Oct 2025 08:31:45 GMT
content-type
image/png
vary
accept-encoding
last-modified
Fri, 25 Dec 2020 03:29:54 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=31536000, must-revalidate
cf-ray
98a3cde78f73ed74-ADL
accept-ranges
bytes
access-control-allow-origin
*
content-length
2219
server
cloudflare
sync
rtb.mfadsrvr.com/ul_cb/ Frame FC51
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=onetag&ssp_user_id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=onetag&ssp_user_id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws&gdpr=0&gdpr_consent=
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=onetag&ssp_user_id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
34.1.250.35 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
35.250.1.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:31:51 GMT
content-type
text/html; charset=UTF-8

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=onetag&ssp_user_id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws&gdpr=0&gdpr_consent=
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:31:51 GMT
/
onetag-sys.com/match/ Frame FC51
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26uid%3D$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526uid%253D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=98&uid=9028509663433934310&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&uid=9028509663433934310&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

cache-control
no-store, no-cache, private
location
https://onetag-sys.com/match/?int_id=98&uid=9028509663433934310&gdpr=0&gdpr_consent=
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
103.25.57.133; 103.25.57.133; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
e1756757-bf29-4411-b64b-e3940e77b089
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 06 Oct 2025 08:31:51 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
/
onetag-sys.com/match/ Frame FC51
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=MGEVGWP3-1L-5TQR&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=MGEVGWP3-1L-5TQR&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://onetag-sys.com/match/?int_id=2&uid=MGEVGWP3-1L-5TQR&gdpr=0
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
ef94164c991c3d464383ee9b65da661e
content-length
0
Content-Type
text/html
/
onetag-sys.com/match/ Frame FC51
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=c4945c484d931f4cabdc7bb9629df&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=c4945c484d931f4cabdc7bb9629df&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Location
https://onetag-sys.com/match/?int_id=3&uid=c4945c484d931f4cabdc7bb9629df&gdpr_consent=&gdpr=0
x-sticky-vk
1759739510136038-69
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Mon, 06 Oct 2025 08:31:50 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Mon, 06 Oct 2025 08:31:50 GMT
Server
nginx
tap.php
pixel.rubiconproject.com/ Frame FC51 		42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
da1c8a4a3f9301c03fbeb7a6212a0a54
Pragma
no-cache
content-length
42
Content-Type
image/gif
73c1e1bfc3bde354d60b80e601ae3914.gif
cs.admanmedia.com/ Frame FC51 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=&coppa=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

Date
Mon, 06 Oct 2025 08:31:56 GMT
Server
nginx
Connection
keep-alive
/
onetag-sys.com/match/ Frame FC51
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10101531197440&gdpr=0&gdpr_consent=
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=1e983b85b2087d96&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub10101531197440
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub10101531197440
  • https://onetag-sys.com/match/?int_id=168&gdpr=&gdpr_consent=${GDPR_STRING}&uid=OPU31ce1bc52397483c8f943a2ad86c149f
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=168&gdpr=&gdpr_consent=${GDPR_STRING}&uid=OPU31ce1bc52397483c8f943a2ad86c149f
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Location
https://onetag-sys.com/match/?int_id=168&gdpr=&gdpr_consent=${GDPR_STRING}&uid=OPU31ce1bc52397483c8f943a2ad86c149f
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
149
Date
Mon, 06 Oct 2025 08:31:51 GMT
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
pixel
cm.g.doubleclick.net/ Frame FC51
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABmbil_BWggG5jxWpENFuTkpPv3hX61kFhwQ&gdpr=0&gdpr_consent=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABmbil_BWggG5jxWpENFuTkpPv3hX61kFhwQ&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
142.250.76.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Mon, 06 Oct 2025 08:31:50 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABmbil_BWggG5jxWpENFuTkpPv3hX61kFhwQ&gdpr=0&gdpr_consent=
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
/
onetag-sys.com/match/ Frame FC51
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=7930571879214128986
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=7930571879214128986
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

cache-control
no-cache,no-store
location
https://onetag-sys.com/match/?int_id=107&uid=7930571879214128986
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Mon, 06 Oct 2025 08:31:49 GMT
pragma
no-cache
ecm3
s.amazon-adsystem.com/ Frame FC51
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
98.82.154.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-154-76.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
Q4F275KP9FRYZ0P5XBGR
Content-Length
43
Date
Mon, 06 Oct 2025 08:31:50 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
/
onetag-sys.com/match/ Frame FC51
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%23PMUID&rdf=1
  • https://onetag-sys.com/match/?gdpr=0&gdpr_consent=&int_id=114&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?gdpr=0&gdpr_consent=&int_id=114&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security
max-age=16070400; includeSubDomains
location
https://onetag-sys.com/match/?gdpr=0&gdpr_consent=&int_id=114&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
137
date
Mon, 06 Oct 2025 08:31:50 GMT
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame FC51
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&gdpr=0&gdpr_consent=&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&gdpr=0&gdpr_consent=&google_cm=&google_tc=
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFQGg09PlP4-a0RRcy71LnE&google_cver=1&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFQGg09PlP4-a0RRcy71LnE&google_cver=1&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

cache-control
no-cache, must-revalidate
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFQGg09PlP4-a0RRcy71LnE&google_cver=1&gdpr=0&gdpr_consent=
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
327
date
Mon, 06 Oct 2025 08:31:50 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004
sync.targeting.unrulymedia.com/csync/ Frame FC51
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=onetaglimited&gdpr=0&gdpr_consent=${GDPR_CONSENT}&us_privacy=
  • https://sync.1rx.io/usersync2/rmpssp?sub=onetaglimited&zcc=1&cb=1759739510468
  • https://ad.turn.com/r/cs?pid=45&id=RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004&rndcb=1454894583
  • https://sync.1rx.io/usersync/turn/2445597090289635068?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
52.77.62.253 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-62-253.ap-southeast-1.compute.amazonaws.com
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
content-length
43
date
Mon, 06 Oct 2025 08:31:51 GMT
server
Tengine

Redirect headers

expires
0
cache-control
no-store, no-cache, must-revalidate
location
https://sync.targeting.unrulymedia.com/csync/RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004
date
Mon, 06 Oct 2025 08:31:51 GMT
pragma
no-cache
content-type
text/html
server
Tengine
user-sync.html
ms-cookie-sync.presage.io/ Frame FC51 		0
0
/
onetag-sys.com/match/ Frame FC51
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=&user_id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=&user_id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=031d2cf6-7cc7-4a58-8f82-ed94d7696223&google_hm=MDMxZDJjZjYtN2NjNy00YTU4LThmODItZWQ5NGQ3Njk2MjIz&...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGEOnFfr6m6Qr9f8A4cFzsI&google_cver=1&ssp=onetag&bsw_param=031d2cf6-7cc7-4a58-8f82-ed94d7696223&gdpr_consent=&gdpr=0
  • https://onetag-sys.com/match/?int_id=30&uid=031d2cf6-7cc7-4a58-8f82-ed94d7696223&gdpr=0&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=031d2cf6-7cc7-4a58-8f82-ed94d7696223&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//onetag-sys.com/match/?int_id=30&uid=031d2cf6-7cc7-4a58-8f82-ed94d7696223&gdpr=0&gdpr_consent=&us_privacy=
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:31:51 GMT
m
cm.mgid.com/ Frame FC51 		43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=834098&c=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws&gdpr=0&consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p96LtZgPtkv1&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.199.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
98a3ce050b8ded78-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 06 Oct 2025 08:31:50 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
usync.js
eus.rubiconproject.com/ Frame 5EC0 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.225.135 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-225-135.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) / PHP/8.3.24
Resource Hash
5bc31c756effc4d180ab158f99b62e3bf4e6a8b0d2ef9105c6328bfcc590d4e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=

Response headers

cache-control
max-age=43968
content-encoding
gzip
expires
Mon, 06 Oct 2025 20:44:37 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11531
date
Mon, 06 Oct 2025 08:31:49 GMT
last-modified
Sun, 05 Oct 2025 20:44:37 GMT
x-powered-by
PHP/8.3.24
server
Apache/2.4.65 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
bounce
id5-sync.com/ 		29 B
525 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://beforeitsnews.com
p3p
CP="CAO PSA OUR"
date
Mon, 06 Oct 2025 08:31:50 GMT
content-type
text/plain;charset=utf-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v1
lbs.eu-1-id5-sync.com/lbs/ 		54 B
231 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.223.4 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
/
Resource Hash
4a86b9332c9645783c8251329c65da972dbe42e14c63d5946abdabe0b976eeda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-origin
https://beforeitsnews.com
content-length
54
date
Mon, 6 Oct 2025 08:31:50 GMT
content-type
application/json
vary
Origin
v1
lb.eu-1-id5-sync.com/lb/ 		56 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
166191cedf22a65d28a77c44251c021d342437d45a950019cd2e7ef235bc24a7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://beforeitsnews.com
content-encoding
gzip
date
Mon, 06 Oct 2025 08:31:49 GMT
content-type
application/json;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
khaos.json
token.rubiconproject.com/ Frame 5EC0 		7 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
content-length
7
content-type
application/json; charset=UTF-8
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 06 Oct 2025 08:31:50 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1BA3 		94 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f10.1e100.net
Software
ESF /
Resource Hash
d65a4a8a160eb17ffca597e831a8e7080795af863d5d526e026432b8360dbece
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type
application/json+protobuf

Response headers

access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114
date
Mon, 06 Oct 2025 08:31:50 GMT
x-xss-protection
0
content-type
application/json+protobuf; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
m
cm.mgid.com/ Frame 5EC0
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=MGEVGWBS-1D-8YAE
  • https://cm.mgid.com/m?cdsp=43070&c=MGEVGWBS-1D-8YAE&gdpr=0
43 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=43070&c=MGEVGWBS-1D-8YAE&gdpr=0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
104.17.199.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
98a3ce0ba9c1ed78-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 06 Oct 2025 08:31:51 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://cm.mgid.com/m?cdsp=43070&c=MGEVGWBS-1D-8YAE&gdpr=0
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
content-length
0
Content-Type
text/html
log_event
www.youtube.com/youtubei/v1/ Frame DE4B 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-YouTube-Page-CL
813518696
X-YouTube-Utc-Offset
480
Referer
https://www.youtube.com/embed/EXJksnmgE8s
X-YouTube-Device
cbr=Chrome&cbrver=141.0.0.0&ceng=WebKit&cengver=537.36&cos=X11&cplatform=DESKTOP
X-YouTube-Client-Name
56
X-YouTube-Ad-Signals
dt=1759739507660&flash=0&frm=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C367%2C245&vis=1&wgl=true&ca_type=image
X-Goog-Event-Time
1759739510500
X-YouTube-Client-Version
1.20250930.02.00-canary_control_1.20251001.21.00
X-Goog-Visitor-Id
CgtHbkdFTzFucU52WSjz_I3HBjIKCgJBVRIEGgAgGA%3D%3D
X-Goog-Request-Time
1759739510500
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
X-YouTube-Time-Zone
Australia/Perth
Content-Type
application/json
X-YouTube-Page-Label
youtube.player.web_20250930_02_RC00

Response headers

content-encoding
br
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
date
Mon, 06 Oct 2025 08:31:50 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
log_event
www.youtube.com/youtubei/v1/ Frame ED69 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-YouTube-Page-CL
813518696
X-YouTube-Utc-Offset
480
Referer
https://www.youtube.com/embed/2WMX5JQ2bkA?si=_PWZtAgDyvZ62wjo
X-YouTube-Device
cbr=Chrome&cbrver=141.0.0.0&ceng=WebKit&cengver=537.36&cos=X11&cplatform=DESKTOP
X-YouTube-Client-Name
56
X-YouTube-Ad-Signals
dt=1759739507667&flash=0&frm=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C370%2C246&vis=1&wgl=true&ca_type=image
X-Goog-Event-Time
1759739510563
X-YouTube-Client-Version
1.20250930.02.00-canary_control_1.20251001.21.00
X-Goog-Visitor-Id
CgtKclJyN0hfUm9ncyjz_I3HBjIKCgJBVRIEGgAgWw%3D%3D
X-Goog-Request-Time
1759739510563
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
X-YouTube-Time-Zone
Australia/Perth
Content-Type
application/json
X-YouTube-Page-Label
youtube.player.web_20250930_02_RC00

Response headers

content-encoding
br
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
date
Mon, 06 Oct 2025 08:31:50 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
usync.html
eus.rubiconproject.com/ Frame E67D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.225.135 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-225-135.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Mon, 06 Oct 2025 08:31:50 GMT
etag
"10d-63d602600b800-gzip"
last-modified
Wed, 27 Aug 2025 22:17:04 GMT
server
Apache/2.4.65 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 06 Oct 2025 08:31:50 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
cookiesyncendpoint
sync.aniview.com/ Frame AE14
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=22&key=288cdc37-9226-4df9-8657-f69dcdb6ffcc
0
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=22&key=288cdc37-9226-4df9-8657-f69dcdb6ffcc
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.240.45.96 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

content-length
0
date
Mon, 06 Oct 2025 08:31:51 GMT
server
istio-envoy
x-envoy-upstream-service-time
0

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Mon, 06 Oct 2025 08:31:50 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=22&key=288cdc37-9226-4df9-8657-f69dcdb6ffcc
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
server
elb
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4F2B 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161673&gdpr=0&gdpr_consent=&ccpa=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.132.242 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-132-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=34449
content-encoding
gzip
content-length
7259
content-type
text/html
date
Mon, 06 Oct 2025 08:31:50 GMT
expires
Mon, 06 Oct 2025 18:05:59 GMT
last-modified
Mon, 29 Sep 2025 15:12:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame 7740
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=xmgid&gdpr=0&gdpr_consent=&ccpa=1---
  • https://sync.aniview.com/cookiesyncendpoint?biddername=216&key=V7azTYtfDfN9wDoHOQxAFqB1y4kyLuNXKovm6skahdY&pi=xmgid&gdpr=0&gdpr_consent=&ccpa=1---
0
247 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=216&key=V7azTYtfDfN9wDoHOQxAFqB1y4kyLuNXKovm6skahdY&pi=xmgid&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.240.45.96 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

content-length
0
date
Mon, 06 Oct 2025 08:31:52 GMT
server
istio-envoy
x-envoy-upstream-service-time
0

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 06 Oct 2025 08:31:51 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.aniview.com/cookiesyncendpoint?biddername=216&key=V7azTYtfDfN9wDoHOQxAFqB1y4kyLuNXKovm6skahdY&pi=xmgid&gdpr=0&gdpr_consent=&ccpa=1---
pragma
no-cache
vary
Accept-Encoding
0
prebid.a-mo.net/cchain/ Frame 4A94 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D105%26pid%3D5ac2203f073ef46a6856c7b0%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
011162779a49bc0d050a687edc7363d12a45826dfdd0201c83a74bd13779ceaf

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
629
content-type
text/html; charset=utf-8
date
Mon, 06 Oct 2025 08:31:50 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
cookiesyncendpoint
sync.aniview.com/ Frame 1C28
Redirect Chain
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26bidde...
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26bidde...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=18&key=LdIfALZHok1ddZVoSvevfFGO
0
193 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=18&key=LdIfALZHok1ddZVoSvevfFGO
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.240.45.96 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

content-length
0
date
Mon, 06 Oct 2025 08:31:51 GMT
server
istio-envoy
x-envoy-upstream-service-time
1

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
content-length
0
date
Mon, 06 Oct 2025 08:31:51 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=18&key=LdIfALZHok1ddZVoSvevfFGO
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 0434 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
82dbaafbc76e7349d5814e3f129cfe5a648cbbb594b9d7591497f117ca9890d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
br
content-length
1537
content-type
text/html
strict-transport-security
max-age=15552000
cookiesyncendpoint
sync.aniview.com/ Frame C903
Redirect Chain
  • https://visitor-ow.omnitagjs.com/visitor/bsync?uid=ee7f7070fcde32ab0ae4be25799fd7f5&url=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fbiddername%3D50%26auid%3D1759739510429-172025073148-000...
  • https://sync.aniview.com/cookiesyncendpoint?biddername=50&auid=1759739510429-172025073148-000637-009-003921&gdpr=0&gdpr_consent=&ccpa=1---&key=e00dbeccf828f7a9ddc8637eac690040
0
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=50&auid=1759739510429-172025073148-000637-009-003921&gdpr=0&gdpr_consent=&ccpa=1---&key=e00dbeccf828f7a9ddc8637eac690040
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.240.45.96 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

content-length
0
date
Mon, 06 Oct 2025 08:31:51 GMT
server
istio-envoy
x-envoy-upstream-service-time
2

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 06 Oct 2025 08:31:51 GMT
location
https://sync.aniview.com/cookiesyncendpoint?biddername=50&auid=1759739510429-172025073148-000637-009-003921&gdpr=0&gdpr_consent=&ccpa=1---&key=e00dbeccf828f7a9ddc8637eac690040
p3p
CP="CAO PSA OUR"
server
fasthttp
via
1.1 kong/3.9.1
x-kong-proxy-latency
0
x-kong-request-id
021c9c31817749319c8bc22b1bc67a3e
x-kong-upstream-latency
1
cookiesyncendpoint
sync.aniview.com/ Frame 8E18
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D60%26key%3D%5BUID%5D
  • https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=60&key=33299216-d67e-48a3-a7a3-dc1c4d3d19e3
0
207 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=60&key=33299216-d67e-48a3-a7a3-dc1c4d3d19e3
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.240.45.96 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

content-length
0
date
Mon, 06 Oct 2025 08:31:51 GMT
server
istio-envoy
x-envoy-upstream-service-time
1

Redirect headers

cache-control
no-cache, no-store, private
content-length
0
content-type
text/plain; charset=utf8
date
Mon, 06 Oct 2025 08:31:51 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=60&key=33299216-d67e-48a3-a7a3-dc1c4d3d19e3
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-173
x-xss-protection
0
uc.html
sync.go.sonobi.com/ Frame B43B 		43 B
454 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, private
content-encoding
gzip
content-type
text/html
date
Mon, 06 Oct 2025 08:31:51 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-150
x-xss-protection
0
RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004
sync.targeting.unrulymedia.com/csync/ Frame F036
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview
  • https://ad.turn.com/r/cs?pid=45&id=RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004&rndcb=4537855491
  • https://sync.1rx.io/usersync/turn/4015443907586217023?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004
43 B
329 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.77.62.253 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-62-253.ap-southeast-1.compute.amazonaws.com
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

content-length
43
date
Mon, 06 Oct 2025 08:31:51 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
server
Tengine

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 06 Oct 2025 08:31:51 GMT
expires
0
location
https://sync.targeting.unrulymedia.com/csync/RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004
pragma
no-cache
server
Tengine
avpb9.33.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame E6DA 		406 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb9.33.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.46.179.97 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-46-179-97.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
f281476dea9f1edce2ccc013d99af7ea3438854933f6708315b4d9de469c0738

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=Lip1Iw==, md5=dXM1D39P+LxDEPL5TkXVdw==
etag
"7573350f7f4ff8bc4310f2f94e45d577"
x-goog-stored-content-encoding
gzip
expires
Mon, 06 Oct 2025 08:46:50 GMT
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600
x-goog-stored-content-length
127609
date
Mon, 06 Oct 2025 08:31:50 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 30 Sep 2025 05:46:51 GMT
vary
Accept-Encoding
x-guploader-uploadid
AAwnv3LyT9UV4XjiuDJCBj24biQDosipeLPjr_-0jexTEw-xEcJqmEi2isFkn5r2qHx-lnov
cache-control
public, no-transform, max-age=900
x-goog-storage-class
MULTI_REGIONAL
quic-version
0x00000001
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1759211211821036
content-length
127609
server
UploadServer
avpb9.33.0a2.js
player.aniview.com/script/6.1/libs/prebid/ Frame E6DA 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb9.33.0a2.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.46.179.97 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-46-179-97.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
7bf59f81d46ebf44d5193309ce5d67075bc8c3d4583ae01e30217dc8c1773b6c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=CQj4ZA==, md5=5PXgeyrpydOqthjMNzdHDg==
etag
"e4f5e07b2ae9c9d3aab618cc3737470e"
x-goog-stored-content-encoding
gzip
expires
Mon, 06 Oct 2025 08:46:50 GMT
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600
x-goog-stored-content-length
20691
date
Mon, 06 Oct 2025 08:31:50 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Tue, 30 Sep 2025 05:46:51 GMT
vary
Accept-Encoding
x-guploader-uploadid
AAwnv3Jnd5qobRpafxzsU1nWUgKN4YmMWSeEp0RiYJINuDKJdpultBBUfp-3l7YjZXu0zJbXHLSmBTI
cache-control
public, no-transform, max-age=900
x-goog-storage-class
MULTI_REGIONAL
quic-version
0x00000001
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1759211211809583
content-length
20691
server
UploadServer
s2s
s2s.aniview.com/api/adserver/ 		0
799 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=e952282ad8aa67bc7f39ea0f565efffd&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1759739510429-172025073148-000637-009-003921&tgt=0&AV_CDIM1=desktop&AV_CUSTOM1=p96LtZgPtkv1&AV_CDIM2=0&AV_CDIM3=outstream&AV_CDIM4=1625435&AV_CDIM5=e5d91855-a28e-11f0-a91e-d404e676c2e0&AV_CDIM6=17&AV_CDIM13=6517&AV_CDIM9=%7C350320&AV_CDIM10=%7C350320&AV_CDIM11=%7C350320&AV_CDIM12=%7C350320&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fbeforeitsnews.com%2F&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&AV_CHANNELID=66476b6442315e17210826fc&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=beforeitsnews.com&AV_DADPOS=1&AV_GPID=%2F5ac2203f073ef46a6856c7b0%2F66476b6442315e17210826fc%2Fbeforeitsnews.com&d36=6.3.112&responsive=1&sver=7&avtoken=509569&omv=1.0.1&clsid=5a7ab569-cd66-4ddd-8eeb-091e3320345b&rando=62&rando1=3&rando2=94&scnt=1&AV_WIDTH=501&AV_HEIGHT=281&AV_DNT=0&cb=9739510595&wfc=1&popt=&&AV_VI=100&AV_VID=0&d4=1&d5=1&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&AV_IRISID=&AV_IRISIDCTX=&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.70 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://beforeitsnews.com/

Response headers

x-bamboo-c-skst
1
access-control-max-age
1728000
cache-control
no-cache
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-skfe
1
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
critical-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
expires
Wed, 24 Sep 2025 18:45:11 GMT
access-control-allow-origin
https://beforeitsnews.com
alt-svc
h3=":443";ma=60;
date
Mon, 06 Oct 2025 08:31:51 GMT
x-bamboo-c-s
BYPASS
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
pixel
cm.g.doubleclick.net/ Frame 5EC0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzVmMzZlMjIzNzk2ZDg1OTQ4MjI3NmMxY2UzMTZkYzg3Y2EzMjRlMg&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzVmMzZlMjIzNzk2ZDg1OTQ4MjI3NmMxY2UzMTZkYzg3Y2EzMjRlMg&gdpr=0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
142.250.76.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Mon, 06 Oct 2025 08:31:50 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzVmMzZlMjIzNzk2ZDg1OTQ4MjI3NmMxY2UzMTZkYzg3Y2EzMjRlMg&gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
cc2b9026541f49c9c095b4cedfcedb9a
Pragma
no-cache
content-length
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5EC0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
43 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
KMBE3Q97JSQF2RW0Y7W5
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Mon, 06 Oct 2025 08:31:52 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
KA1C8B1JE40V9BNJRKP9
Content-Length
0
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Mon, 06 Oct 2025 08:31:51 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
tap.php
pixel.rubiconproject.com/ Frame 5EC0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/XL5ixXusBCe37ZdDaHcpvcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-M1XGrO5E2oKgAQ1ieY33f4A9U23EdZIRLJbrgw--~A
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-M1XGrO5E2oKgAQ1ieY33f4A9U23EdZIRLJbrgw--~A
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
7d5ff5cea86970f029093dfe0a29d015
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-M1XGrO5E2oKgAQ1ieY33f4A9U23EdZIRLJbrgw--~A
age
0
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-length
0
date
Mon, 06 Oct 2025 08:31:51 GMT
server
ATS
x-frame-options
DENY
pixel
cm.g.doubleclick.net/ Frame 5EC0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TUdFVkdXQlMtMUQtOFlBRQ==&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEFEKh7x85J2ZfR7QLmTDxaY&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUdFVkdXQlMtMUQtOFlBRQ==&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUdFVkdXQlMtMUQtOFlBRQ==&google_push=&gdpr=0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H3
Server
142.250.76.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Mon, 06 Oct 2025 08:31:51 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUdFVkdXQlMtMUQtOFlBRQ==&google_push=&gdpr=0
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
cc2b9026541f49c9c095b4cedfcedb9a
content-length
0
Content-Type
text/html
ecm3
s.amazon-adsystem.com/ Frame 5EC0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=MGEVGWBS-1D-8YAE&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=MGEVGWBS-1D-8YAE&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
HTTP/1.1
Server
98.82.154.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-154-76.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
QW513CPG3QY5SDR9YT1N
Content-Length
43
Date
Mon, 06 Oct 2025 08:31:51 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://s.amazon-adsystem.com/ecm3?id=MGEVGWBS-1D-8YAE&ex=d-rubiconproject.com&status=ok&gdpr=0
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
cc2b9026541f49c9c095b4cedfcedb9a
content-length
0
Content-Type
text/html
tap.php
pixel.rubiconproject.com/ Frame 5EC0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://match.adsrvr.org/track/cmb/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=69782438-64d8-4384-96fe-f062306c17ab&gdpr=0&gdpr_consent=&expires=30
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=69782438-64d8-4384-96fe-f062306c17ab&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
7d5ff5cea86970f029093dfe0a29d015
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=69782438-64d8-4384-96fe-f062306c17ab&gdpr=0&gdpr_consent=&expires=30
content-length
289
date
Mon, 06 Oct 2025 08:31:50 GMT
server
Kestrel
setuid
px.ads.linkedin.com/ Frame 5EC0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MGEVGWBS-1D-8YAE&gdpr=0
0
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MGEVGWBS-1D-8YAE&gdpr=0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Server
150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 811C6CA568314391989AAFC9C20D5EBD Ref B: MEL01EDGE0712 Ref C: 2025-10-06T08:31:51Z
x-li-fabric
prod-ltx1
x-li-uuid
AAZAeUh8Zuya9G11/6E5qg==
x-li-proto
http/2
alt-svc
h3=":443"; ma=86400
x-cache
CONFIG_NOCACHE
content-length
0
date
Mon, 06 Oct 2025 08:31:50 GMT

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MGEVGWBS-1D-8YAE&gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
cc2b9026541f49c9c095b4cedfcedb9a
Pragma
no-cache
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 5EC0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELb5ZE2FNH_oIqCbB6Wlo2s&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELb5ZE2FNH_oIqCbB6Wlo2s&google_cver=1
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELb5ZE2FNH_oIqCbB6Wlo2s&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
337
date
Mon, 06 Oct 2025 08:31:50 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
dcm
s.amazon-adsystem.com/ Frame 5EC0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
43 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
HTTP/1.1
Server
98.82.154.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-154-76.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
YFZ58YNQE5320VEG9NEC
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Mon, 06 Oct 2025 08:31:51 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
PX93SZ5TMCNAJERXF7MX
Content-Length
0
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Mon, 06 Oct 2025 08:31:51 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
tap.php
pixel.rubiconproject.com/ Frame 5EC0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACvM07Rxv0AABwwvRinEQ&expires=30&gdpr=0
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACvM07Rxv0AABwwvRinEQ&expires=30&gdpr=0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

strict-transport-security
max-age=2592000; includeSubDomains
location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACvM07Rxv0AABwwvRinEQ&expires=30&gdpr=0
Content-Length
0
Date
Mon, 06 Oct 2025 08:31:51 GMT
Server
gunicorn
Connection
keep-alive
setuid
ib.adnxs.com/prebid/ Frame 5EC0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=MGEVGWBS-1D-8YAE&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=MGEVGWBS-1D-8YAE&gdpr=0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
103.25.57.133; 103.25.57.133; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
72bc45c0-dc9c-4713-ae16-fe9e44f4fad0
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 06 Oct 2025 08:31:51 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.25.5

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=MGEVGWBS-1D-8YAE&gdpr=0
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
cc2b9026541f49c9c095b4cedfcedb9a
content-length
0
Content-Type
text/html
merge
ce.lijit.com/ Frame 5EC0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
  • https://ce.lijit.com/merge?pid=80&3pid=MGEVGWBS-1D-8YAE&gdpr=0
43 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=MGEVGWBS-1D-8YAE&gdpr=0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Server
52.24.186.34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-186-34.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
pragma
no-cache
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 06 Oct 2025 08:31:52 GMT
content-type
image/gif
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://ce.lijit.com/merge?pid=80&3pid=MGEVGWBS-1D-8YAE&gdpr=0
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
7d5ff5cea86970f029093dfe0a29d015
content-length
0
Content-Type
text/html
tap.php
pixel.rubiconproject.com/ Frame 5EC0
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=0cdd98cc-b26e-4dd5-95c0-3b00b4eac401&expires=30&gdpr=0
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=0cdd98cc-b26e-4dd5-95c0-3b00b4eac401&expires=30&gdpr=0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
da1c8a4a3f9301c03fbeb7a6212a0a54
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

X-CI-RTID
d53f11a7-8815-4abe-b88d-8c1fce52ab6f
Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=0cdd98cc-b26e-4dd5-95c0-3b00b4eac401&expires=30&gdpr=0
Content-Length
155
Date
Mon, 06 Oct 2025 08:31:52 GMT
Content-Type
text/html; charset=utf-8
Connection
keep-alive
magnite
sync.a-mo.net/setuid/ Frame 5EC0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0
  • https://sync.a-mo.net/setuid/magnite?uid=MGEVGWBS-1D-8YAE&gdpr=0
0
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid/magnite?uid=MGEVGWBS-1D-8YAE&gdpr=0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Server
131.153.206.102 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 06 Oct 2025 08:31:51 GMT
x-envoy-upstream-service-time
1
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://sync.a-mo.net/setuid/magnite?uid=MGEVGWBS-1D-8YAE&gdpr=0
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
d335433bbbe0efeac67146df47932f6f
content-length
0
Content-Type
text/html
ProfilesEngineServlet
syncv4.intentiq.com/profiles_engine/ Frame 5EC0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=MGEVGWBS-1D-8YAE&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MGEVGWBS-1D-8YAE
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MGEVGWBS-1D-8YAE&ckls=true&ci=r1adESHKWN&nc=false&trid=-834163135
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MGEVGWBS-1D-8YAE&ckls=true&ci=r1adESHKWN&nc=false&trid=-834163135
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Server
108.158.32.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-104.syd3.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 34472d6f20d066888df6f09fc51137ba.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 06 Oct 2025 08:31:52 GMT
content-type
image/gif
x-amz-cf-pop
SYD3-P2
x-amz-cf-id
5U0nQkiNMXEcDvwwkCFcnzdbLJluLN5LbbJoHbomWWdt1EXU9g4KxQ==

Redirect headers

patent
https://www.almondnet.com/ip
cache-control
no-cache, no-store, must-revalidate
location
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MGEVGWBS-1D-8YAE&ckls=true&ci=r1adESHKWN&nc=false&trid=-834163135
pragma
no-cache
via
1.1 34472d6f20d066888df6f09fc51137ba.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 06 Oct 2025 08:31:52 GMT
content-type
image/gif
x-amz-cf-pop
SYD3-P2
x-amz-cf-id
kouLZ7ed48LLykhIL9g9n_Bay9-95UdWWaXxLjTytZfPm-Rr4t1iyw==
check
pixel.tapad.com/idsync/ex/receive/ Frame 5EC0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=MGEVGWBS-1D-8YAE&gdpr=0
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=MGEVGWBS-1D-8YAE&gdpr=0
95 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=MGEVGWBS-1D-8YAE&gdpr=0
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
95
date
Mon, 06 Oct 2025 08:31:52 GMT
content-type
image/png

Redirect headers

strict-transport-security
max-age=31536000
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=MGEVGWBS-1D-8YAE&gdpr=0
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
0
date
Mon, 06 Oct 2025 08:31:52 GMT
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame 4948 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb9.33.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.132.242 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-132-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c16a536e9381a97c5d473a2b70aa9057bceebe38f05bb7d90360c96bff579033

Request headers

Referer
https://beforeitsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=105456
content-encoding
gzip
content-length
859
content-type
text/html
date
Mon, 06 Oct 2025 08:31:50 GMT
expires
Tue, 07 Oct 2025 13:49:26 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pb
ad.360yield.com/1944/ Frame E6DA 		1 KB
719 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/1944/pb
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb9.33.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.8.187.97 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-119-8-187-97.compute.hwclouds-dns.com
Software
elb /
Resource Hash
788461ab792957d8f50e07931e7f66c436affb9e3f7f130066b175db9b78c207

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://beforeitsnews.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://beforeitsnews.com
content-length
474
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Mon, 06 Oct 2025 08:31:50 GMT
content-type
application/json; charset=UTF-8
server
elb
usync.js
eus.rubiconproject.com/ Frame E67D 		45 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.225.135 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-225-135.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) / PHP/8.3.24
Resource Hash
5bc31c756effc4d180ab158f99b62e3bf4e6a8b0d2ef9105c6328bfcc590d4e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Response headers

cache-control
max-age=43968
content-encoding
gzip
expires
Mon, 06 Oct 2025 20:44:37 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11531
date
Mon, 06 Oct 2025 08:31:49 GMT
last-modified
Sun, 05 Oct 2025 20:44:37 GMT
x-powered-by
PHP/8.3.24
server
Apache/2.4.65 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
sync
rtb.mfadsrvr.com/ Frame 0434 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.mfadsrvr.com/sync?ssp=onetag&ssp_user_id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.1.250.35 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
35.250.1.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:31:51 GMT
content-type
text/html; charset=UTF-8
/
onetag-sys.com/match/ Frame 0434
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26uid%3D$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526uid%253D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=98&uid=8895045668973197676&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&uid=8895045668973197676&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

cache-control
no-store, no-cache, private
location
https://onetag-sys.com/match/?int_id=98&uid=8895045668973197676&gdpr=0&gdpr_consent=
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
103.25.57.133; 103.25.57.133; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
9d3a8985-4a06-4105-8fc6-3679f72a46f9
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 06 Oct 2025 08:31:51 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
/
onetag-sys.com/match/ Frame 0434
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=MGEVGWBS-1D-8YAE&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=MGEVGWBS-1D-8YAE&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://onetag-sys.com/match/?int_id=2&uid=MGEVGWBS-1D-8YAE&gdpr=0
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
ef94164c991c3d464383ee9b65da661e
content-length
0
Content-Type
text/html
tap.php
pixel.rubiconproject.com/ Frame 0434 		42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Pragma
no-cache
content-length
42
Content-Type
image/gif
/
onetag-sys.com/match/ Frame 0434
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10101531197440&gdpr=0&gdpr_consent=
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=1e983b85b2087d96&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub10101531197440
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub10101531197440
  • https://onetag-sys.com/match/?int_id=168&gdpr=&gdpr_consent=${GDPR_STRING}&uid=OPU31ce1bc52397483c8f943a2ad86c149f
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=168&gdpr=&gdpr_consent=${GDPR_STRING}&uid=OPU31ce1bc52397483c8f943a2ad86c149f
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Location
https://onetag-sys.com/match/?int_id=168&gdpr=&gdpr_consent=${GDPR_STRING}&uid=OPU31ce1bc52397483c8f943a2ad86c149f
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
149
Date
Mon, 06 Oct 2025 08:31:51 GMT
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
pixel
cm.g.doubleclick.net/ Frame 0434
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABmbimABPKycVcRKs6Gbp-o6cfJFQeFOZ8PA&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABmbimABPKycVcRKs6Gbp-o6cfJFQeFOZ8PA&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H3
Server
142.250.76.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Mon, 06 Oct 2025 08:31:50 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABmbimABPKycVcRKs6Gbp-o6cfJFQeFOZ8PA&gdpr=0&gdpr_consent=
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
ecm3
s.amazon-adsystem.com/ Frame 0434
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
98.82.154.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-154-76.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
BWJTAG6A42E4MJBGMP94
Content-Length
43
Date
Mon, 06 Oct 2025 08:31:51 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
user-sync.html
ms-cookie-sync.presage.io/ Frame 0434 		0
0
/
onetag-sys.com/match/ Frame 0434
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=&user_id=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Donet...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=a88504ba173849af845a6d0d2d02d4c9&ssp=onetag&bsw_param=&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://onetag-sys.com/match/?int_id=30&uid=031d2cf6-7cc7-4a58-8f82-ed94d7696223&gdpr=0&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=031d2cf6-7cc7-4a58-8f82-ed94d7696223&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//onetag-sys.com/match/?int_id=30&uid=031d2cf6-7cc7-4a58-8f82-ed94d7696223&gdpr=0&gdpr_consent=&us_privacy=
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Oct 2025 08:31:52 GMT
/
onetag-sys.com/match/ Frame 0434
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=c4945c484d931f4cabdc7bb9629df&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=c4945c484d931f4cabdc7bb9629df&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Location
https://onetag-sys.com/match/?int_id=3&uid=c4945c484d931f4cabdc7bb9629df&gdpr_consent=&gdpr=0
x-sticky-vk
1759739510804077-85
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Mon, 06 Oct 2025 08:31:50 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Mon, 06 Oct 2025 08:31:50 GMT
Server
nginx
73c1e1bfc3bde354d60b80e601ae3914.gif
cs.admanmedia.com/ Frame 0434 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---&coppa=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

Date
Mon, 06 Oct 2025 08:31:57 GMT
Server
nginx
Connection
keep-alive
/
onetag-sys.com/match/ Frame 0434
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=7930571879214128986
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=7930571879214128986
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Mon, 06 Oct 2025 08:31:50 GMT
location
https://onetag-sys.com/match/?int_id=107&uid=7930571879214128986
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0434
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1---&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%23PMUID
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Or5gvnHkSiew8BEGgJK4qA%3D%3D&gdpr=0&gdpr_consent=&google_cm
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESEOQ3FD892wvbZM8sl3VfnNc&google_cver=1
0
0
/
onetag-sys.com/match/ Frame 0434
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&gdpr=0&gdpr_consent=&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFQGg09PlP4-a0RRcy71LnE&google_cver=1&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFQGg09PlP4-a0RRcy71LnE&google_cver=1&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

cache-control
no-cache, must-revalidate
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFQGg09PlP4-a0RRcy71LnE&google_cver=1&gdpr=0&gdpr_consent=
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
327
date
Mon, 06 Oct 2025 08:31:50 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
/
onetag-sys.com/match/ Frame 0434
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=onetaglimited&gdpr=0&gdpr_consent=${GDPR_CONSENT}&us_privacy=1---
  • https://sync.targeting.unrulymedia.com/csync/RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004?redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D212%26uid%3DRX-9d09463d-379a-4bdc-9559-b835ffb715f3...
  • https://onetag-sys.com/match/?int_id=212&uid=RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004&us_privacy=1---
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=212&uid=RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004&us_privacy=1---
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=212&uid=RX-9d09463d-379a-4bdc-9559-b835ffb715f3-004&us_privacy=1---
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Mon, 06 Oct 2025 08:31:51 GMT
etag
RX9d09463d379a4bdc9559b835ffb715f3004
content-type
text/html
server
Tengine
m
cm.mgid.com/ Frame 0434 		43 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=834098&c=tbQA3KJRbuNcUw_u7fdNw9Zu7QVzjL0RKA_AaD4yfws&gdpr=0&consent=&us_privacy=1---
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.199.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
98a3ce064c8ced78-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 06 Oct 2025 08:31:50 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
khaos.json
token.rubiconproject.com/ Frame E67D 		7 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=MGEVGWBS-1D-8YAE
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
content-length
7
content-type
application/json; charset=UTF-8
geo
ut.pubmatic.com/ Frame 4F2B 		22 B
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=161673
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161673&gdpr=0&gdpr_consent=&ccpa=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D1%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
23346cb9c6dc01dee2bf79a1228e444fda992d04fbe45bfb59450869b1eccf3c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Content-Length
22
Date
Mon, 06 Oct 2025 08:31:51 GMT
Content-Type
application/json
geo
ut.pubmatic.com/ Frame 4F2B 		22 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=161673
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161673&gdpr=0&gdpr_consent=&ccpa=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D1%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
23346cb9c6dc01dee2bf79a1228e444fda992d04fbe45bfb59450869b1eccf3c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Content-Length
22
Date
Mon, 06 Oct 2025 08:31:51 GMT
Content-Type
application/json
cookiesyncendpoint
sync.aniview.com/ Frame E67D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&khaos=MGEVGWBS-1D-8YAE
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=MGEVGWBS-1D-8YAE
0
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=MGEVGWBS-1D-8YAE
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Server
172.240.45.96 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

content-length
0
date
Mon, 06 Oct 2025 08:31:52 GMT
x-envoy-upstream-service-time
0
server
istio-envoy

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=MGEVGWBS-1D-8YAE
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
content-length
0
Content-Type
text/html
/
d0.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d0.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.126.30 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip30.ip-51-195-126.eu
Software
/
Resource Hash
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d1.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d1.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.73.113 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip113.ip-51-195-73.eu
Software
/
Resource Hash
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d2.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d2.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.127.100 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip100.ip-51-195-127.eu
Software
/
Resource Hash
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d3.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d3.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.127.115 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip115.ip-51-195-127.eu
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d4.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d4.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.146.80 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip80.ip-135-125-146.eu
Software
/
Resource Hash
df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d5.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d5.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.127.115 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip115.ip-51-195-127.eu
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d6.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d6.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.146.80 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip80.ip-135-125-146.eu
Software
/
Resource Hash
df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d7.eu-3-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d7.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.73.74 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip74.ip-51-195-73.eu
Software
/
Resource Hash
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d0.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d0.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.73.71 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip71.ip-51-195-73.eu
Software
/
Resource Hash
19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d1.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d1.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.73.74 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip74.ip-51-195-73.eu
Software
/
Resource Hash
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d2.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d2.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.127.115 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip115.ip-51-195-127.eu
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d3.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d3.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.127.115 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip115.ip-51-195-127.eu
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d4.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d4.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.126.30 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip30.ip-51-195-126.eu
Software
/
Resource Hash
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d5.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d5.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.140.162 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip162.ip-135-125-140.eu
Software
/
Resource Hash
3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d6.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d6.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.34.222 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip222.ip-51-195-34.eu
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d7.eu-4-id5-sync.com/ 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d7.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.126.30 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip30.ip-51-195-126.eu
Software
/
Resource Hash
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
cframe.js
a.amxrtb.com/js/ Frame 4A94 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.amxrtb.com/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D105%26pid%3D5ac2203f073ef46a6856c7b0%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.250 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc1f1117d5f8ed465912bb9c5716a1d6ce026621ffd5161c031154d11d2b4188

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://prebid.a-mo.net/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"0b2d66bd1470a128cd4d5c880ef006d4"
age
1585
expires
Mon, 06 Oct 2025 12:31:51 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
VuQIZILh7CzvSN-dHilT_SlH5rgW0zrM4YTJy3_Wwt_gMgmoUIX1mQ==
date
Mon, 06 Oct 2025 08:31:51 GMT
content-type
text/javascript
last-modified
Tue, 10 Jun 2025 18:26:48 GMT
vary
Accept-Encoding
cache-control
public, max-age=14400
via
1.1 129d4a207b7fbc37b25369aff84e0b6a.cloudfront.net (CloudFront)
cf-ray
98a3ce08ab78ec86-ADL
x-amz-cf-pop
AKL50-C1
server
cloudflare
x-amz-server-side-encryption
AES256
log_event
www.youtube.com/youtubei/v1/ Frame 1BA3 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/29a37ef6/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-YouTube-Page-CL
813518696
X-YouTube-Utc-Offset
480
Referer
https://www.youtube.com/embed/3HkOiY9OiRo
X-YouTube-Device
cbr=Chrome&cbrver=141.0.0.0&ceng=WebKit&cengver=537.36&cos=X11&cplatform=DESKTOP
X-YouTube-Client-Name
56
X-YouTube-Ad-Signals
dt=1759739507652&flash=0&frm=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C367%2C245&vis=1&wgl=true&ca_type=image
X-Goog-Event-Time
1759739511117
X-YouTube-Client-Version
1.20250930.02.00
X-Goog-Visitor-Id
CgtpVVcxa2Vtc1hRUSjz_I3HBjIKCgJBVRIEGgAgag%3D%3D
X-Goog-Request-Time
1759739511118
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
X-YouTube-Time-Zone
Australia/Perth
Content-Type
application/json
X-YouTube-Page-Label
youtube.player.web_20250930_02_RC00

Response headers

content-encoding
br
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
date
Mon, 06 Oct 2025 08:31:51 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
cookiesyncendpoint
sync.aniview.com/ Frame 4A94 		0
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=105&pid=5ac2203f073ef46a6856c7b0&key=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D105%26pid%3D5ac2203f073ef46a6856c7b0%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.240.45.96 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://prebid.a-mo.net/

Response headers

content-length
0
date
Mon, 06 Oct 2025 08:31:51 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
PugMaster
image6.pubmatic.com/AdServer/ Frame 4F2B 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=17683019&p=161673&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161673&gdpr=0&gdpr_consent=&ccpa=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c74144cd708d0b7a8ea23ae0f95d9f77151cc7307e9edb115cc8a4341abd0975
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 06 Oct 2025 08:31:51 GMT
content-type
text/html; charset=UTF-8
match
ap-ice.360yield.com/
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=288cdc37-9226-4df9-8657-f69dcdb6ffcc&publisher_dsp_id=42&publisher_call_type=redirect&publisher_redirecturl=https://ap-ice.3...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=288cdc37-9226-4df9-8657-f69dcdb6ffcc&publisher_dsp_id=42&publisher_call_type=redirect&publisher_redirecturl=https://ap-...
  • https://ap-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1760949113&external_user_id=8998493743908912161
43 B
758 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1760949113&external_user_id=8998493743908912161
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Server
119.8.187.97 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-119-8-187-97.compute.hwclouds-dns.com
Software
elb /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-origin
*
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Mon, 06 Oct 2025 08:31:53 GMT
content-type
image/gif
server
elb

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
location
https://ap-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1760949113&external_user_id=8998493743908912161
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET
expires
-1
access-control-allow-origin
*
content-length
0
date
Mon, 06 Oct 2025 08:31:53 GMT
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
usersync.aspx
dis.criteo.com/dis/ 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=16&p=64&cp=improvedigital&cu=1&url=https%3A%2F%2Fad.360yield.com%2Fmatch%3Fpublisher_dsp_id%3D38%26external_user_id%3D%40%40CRITEO_USERID%40%40&publisher_user_id=288cdc37-9226-4df9-8657-f69dcdb6ffcc&publisher_dsp_id=38&publisher_call_type=redirect&publisher_redirecturl=https://ap-ice.360yield.com/match
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.175 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
262120
expires
Mon, 06 Oct 2025 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Mon, 06 Oct 2025 08:31:51 GMT
content-type
image/gif
server
Kestrel
match
ad.360yield.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&google_hm=Mjg4Y2RjMzctOTIyNi00ZGY5LTg2NTctZjY5ZGNkYjZmZmNj&dsp_callback=0
  • https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEFgHtChO_9AvHxkW-4gu3KQ&google_cver=1
43 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEFgHtChO_9AvHxkW-4gu3KQ&google_cver=1
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Server
119.8.187.97 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-119-8-187-97.compute.hwclouds-dns.com
Software
elb /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-origin
*
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Mon, 06 Oct 2025 08:31:51 GMT
content-type
image/gif
server
elb

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEFgHtChO_9AvHxkW-4gu3KQ&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
332
date
Mon, 06 Oct 2025 08:31:51 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
match
ad.360yield.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=288cdc37-9226-4df9-8657-f69dcdb6ffcc&publisher_dsp_id=167&publisher_call_type=redirect&publisher_redir...
  • https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=69782438-64d8-4384-96fe-f062306c17ab&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=69782438-64d8-4384-96fe-f062306c17ab&gdpr=0&gdpr_consent=
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Server
119.8.187.97 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-119-8-187-97.compute.hwclouds-dns.com
Software
elb /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-origin
*
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Mon, 06 Oct 2025 08:31:51 GMT
content-type
image/gif
server
elb

Redirect headers

location
https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=69782438-64d8-4384-96fe-f062306c17ab&gdpr=0&gdpr_consent=
content-length
281
date
Mon, 06 Oct 2025 08:31:51 GMT
server
Kestrel
match
ad.360yield.com/
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/improvedigital/288cdc37-9226-4df9-8657-f69dcdb6ffcc
  • https://ad.360yield.com/match?publisher_dsp_id=179&external_user_id=y-.WWIMKNE2pnJr4a5Q3CaR2dyept12sSgVjQ4BFFqW0dl29k-~A
43 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=179&external_user_id=y-.WWIMKNE2pnJr4a5Q3CaR2dyept12sSgVjQ4BFFqW0dl29k-~A
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Server
119.8.187.97 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-119-8-187-97.compute.hwclouds-dns.com
Software
elb /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

access-control-allow-origin
*
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Mon, 06 Oct 2025 08:31:52 GMT
content-type
image/gif
server
elb

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
location
https://ad.360yield.com/match?publisher_dsp_id=179&external_user_id=y-.WWIMKNE2pnJr4a5Q3CaR2dyept12sSgVjQ4BFFqW0dl29k-~A
age
0
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-length
0
date
Mon, 06 Oct 2025 08:31:52 GMT
server
ATS
x-frame-options
DENY
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame E6DA 		457 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
cafe /
Resource Hash
6b59688ba76d9f2c157a4cb07d3244d66efe55a6c8bcb3b0fd1d4212a1000ce8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://beforeitsnews.com/

Response headers

content-encoding
br
etag
2979870942712552566
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 08:31:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 06 Oct 2025 08:31:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
147616
x-xss-protection
0
server
cafe
match
c1.adform.net/serving/cookie/ Frame 5225
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&gdpr=0&gdpr_consent=
35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161673&gdpr=0&gdpr_consent=&ccpa=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 06 Oct 2025 08:31:53 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 06 Oct 2025 08:31:53 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pubmatic
um.simpli.fi/ Frame 083E 		43 B
610 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161673&gdpr=0&gdpr_consent=&ccpa=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.124.209.251 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.209.124.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
43
content-type
image/gif
date
Mon, 06 Oct 2025 08:31:52 GMT
expires
Sun, 05 Oct 2025 08:31:52 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 5BB8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:eb7268e3-7e79-4f00-a663-15c5b73c8cd1&gdpr=0&gdpr_consent=
42 B
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:eb7268e3-7e79-4f00-a663-15c5b73c8cd1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161673&gdpr=0&gdpr_consent=&ccpa=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 06 Oct 2025 08:31:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
strict-transport-security
max-age=16070400; includeSubDomains

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache,no-store,must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Date
Mon, 06 Oct 2025 08:31:52 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Referrer-Policy
strict-origin
Server
MT3 2082 0091691 master iad iad-pixel-x5 config_version:"3047"
Strict-Transport-Security
31536000
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
all
X-XSS-Protection
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:eb7268e3-7e79-4f00-a663-15c5b73c8cd1&gdpr=0&gdpr_consent=
3ABE60BE-71E4-4A27-B0F0-11068092B8A8
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame FD82 		178 KB
178 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3ABE60BE-71E4-4A27-B0F0-11068092B8A8?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161673&gdpr=0&gdpr_consent=&ccpa=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.200.129.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-129-212.us-west-2.compute.amazonaws.com
Software
ATS /
Resource Hash
fcdbc766608338226645c995d95a35359eae5a5d3a7416e97e5b1bce8ec50e1c
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

age
0
content-length
43
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
content-type
image/gif
date
Mon, 06 Oct 2025 08:31:52 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
DENY
SPug
image4.pubmatic.com/AdServer/ Frame 0B4C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&redir=true&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&redir=true&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UdOn2HdE2uXwjjGIML6T.0Qp76_DMDY-~A&gdpr=0&us_privacy=
0
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UdOn2HdE2uXwjjGIML6T.0Qp76_DMDY-~A&gdpr=0&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161673&gdpr=0&gdpr_consent=&ccpa=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.85 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
date
Mon, 06 Oct 2025 08:31:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
strict-transport-security
max-age=16070400; includeSubDomains

Redirect headers

age
0
content-length
0
content-type
text/html
date
Mon, 06 Oct 2025 08:31:52 GMT
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UdOn2HdE2uXwjjGIML6T.0Qp76_DMDY-~A&gdpr=0&us_privacy=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
referrer-policy
no-referrer-when-downgrade
server
ATS
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
setuid
sea1-sync.a-mo.net/ Frame 78C0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9028509663433934310&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161673&gdpr=0&gdpr_consent=&ccpa=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 06 Oct 2025 08:31:51 GMT
server
envoy
vary
accept-encoding, Accept-Encoding
x-envoy-upstream-service-time
2

Redirect headers

cache-control
private,max-age=86400
content-length
160
content-type
text/html; charset=utf-8
date
Mon, 06 Oct 2025 08:31:52 GMT
location
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
strict-transport-security
max-age=16070400; includeSubDomains
setuid
sea1-sync.a-mo.net/ Frame 3351
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2445597090289635068&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161673&gdpr=0&gdpr_consent=&ccpa=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 06 Oct 2025 08:31:52 GMT
server
envoy
vary
accept-encoding, Accept-Encoding
x-envoy-upstream-service-time
4

Redirect headers

cache-control
private,max-age=86400
content-length
160
content-type
text/html; charset=utf-8
date
Mon, 06 Oct 2025 08:31:52 GMT
location
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
sea1-sync.a-mo.net/ Frame 1B90
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=1awmsh57t72c
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161673&gdpr=0&gdpr_consent=&ccpa=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 06 Oct 2025 08:31:52 GMT
server
envoy
vary
accept-encoding, Accept-Encoding
x-envoy-upstream-service-time
1

Redirect headers

cache-control
private,max-age=86400
content-length
160
content-type
text/html; charset=utf-8
date
Mon, 06 Oct 2025 08:31:52 GMT
location
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
sea1-sync.a-mo.net/ Frame 43EB
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912&gdpr=0&gdpr_consent=
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=1e983b85b2087d96&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub8730968190912
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU31ce1bc52397483c8f943a2ad86c149f
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161673&gdpr=0&gdpr_consent=&ccpa=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 06 Oct 2025 08:31:52 GMT
server
envoy
vary
accept-encoding, Accept-Encoding
x-envoy-upstream-service-time
190

Redirect headers

cache-control
private,max-age=86400
content-length
160
content-type
text/html; charset=utf-8
date
Mon, 06 Oct 2025 08:31:52 GMT
location
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
sea1-sync.a-mo.net/ Frame 7467
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=V7azTYtfDfN9wDoHOQxAFqB1y4kyLuNXKovm6skahdY&pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&g...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161673&gdpr=0&gdpr_consent=&ccpa=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 06 Oct 2025 08:31:52 GMT
server
envoy
vary
accept-encoding, Accept-Encoding
x-envoy-upstream-service-time
3

Redirect headers

cache-control
private,max-age=86400
content-length
160
content-type
text/html; charset=utf-8
date
Mon, 06 Oct 2025 08:31:52 GMT
location
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookiesyncendpoint
sync.aniview.com/ Frame B8DE 		0
206 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1759739510429-172025073148-000637-009-003921&biddername=1&key=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=161673&gdpr=0&gdpr_consent=&ccpa=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.240.45.96 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

content-length
0
date
Mon, 06 Oct 2025 08:31:52 GMT
server
istio-envoy
x-envoy-upstream-service-time
0
demconf.jpg
dpm.demdex.net/ Frame 4F2B
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=19566&dpuuid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=19566&dpuuid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Server
54.149.208.251 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-208-251.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-usw2-2-v076-0ad6da353.edge-usw2.demdex.com 9 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
wTOhKXYbQ0k=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Mon, 06 Oct 2025 08:31:53 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=19566&dpuuid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
dcs
dcs-prod-usw2-1-v076-01097d813.edge-usw2.demdex.com 0 ms
pragma
no-cache
x-tid
zv6LmB9tRn8=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Mon, 06 Oct 2025 08:31:52 GMT
396846.gif
idsync.rlcdn.com/ Frame 4F2B
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=18ff0f43-474c-4f1c-854e-4941d0ff3b2b
42 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=18ff0f43-474c-4f1c-854e-4941d0ff3b2b
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Mon, 06 Oct 2025 08:31:52 GMT
content-type
image/gif

Redirect headers

cache-control
private, max-age=0, no-cache
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=18ff0f43-474c-4f1c-854e-4941d0ff3b2b
pragma
no-cache
x-forwarded-for
103.25.57.133
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 06 Oct 2025 08:31:52 GMT
content-type
image/gif
vary
Accept, Accept-Encoding
img
pixel.mathtag.com/sync/ Frame 4F2B
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3ABE60BE-71E4-4A27-B0F0-11068092B8A8&sInitiator=external&gdpr=0&gdpr_consent=
  • https://sg.semasio.net/sync/1/15927723?&gdpr=0&gdpr_consent=&sInitiator=external&sExtCookieId=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=69782438-64d8-4384-96fe-f062306c17ab
  • https://sg.semasio.net/sync/1/32675800?&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=69782438-64d8-4384-96fe-f062306c17ab
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsa.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=
  • https://sa.semasio.net/sync/1/4354957?sExtCookieId=9028509663433934310&sInitiator=internal&gdpr=0&gdpr_consent=
  • https://track.adform.net/serving/cookie/match/?party=1008&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=8998493743908912161&sInitiator=internal&gdpr=0&gdpr_consent=
  • https://sg.semasio.net/sync/1/16266044?sExtCookieId=8998493743908912161&gdpr=0&gdpr_consent=&sInitiator=internal
  • https://sync.srv.stackadapt.com/sync?nid=semasio
  • https://sg.semasio.net/sync/1/30805874?$sType=sync&sInitiator=internal&sExtCookieId=-JOrQxafWKVyFrqnEmE0GmcZOYU&gdpr=&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsa.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=
  • https://sa.semasio.net/sync/1/4354957?sExtCookieId=9028509663433934310&sInitiator=internal&gdpr=0&gdpr_consent=
  • https://pixel.mathtag.com/sync/img?mt_exid=10041&redir=https%3A%2F%2Fsa.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=
  • https://sa.semasio.net/sync/1/14876172?sExtCookieId=eb7268e3-7e79-4f00-a663-15c5b73c8cd1&sInitiator=internal&gdpr=0&gdpr_consent=
  • https://track.adform.net/serving/cookie/match/?party=1008&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=4810512241534797480&sInitiator=internal&gdpr=0&gdpr_consent=
  • https://sg.semasio.net/sync/1/16266044?sExtCookieId=4810512241534797480&gdpr=0&gdpr_consent=&sInitiator=internal
  • https://pixel.mathtag.com/sync/img?mt_exid=10041&redir=https%3A%2F%2Fsa.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4F2B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=69782438-64d8-4384-96fe-f062306c17ab&gdpr=0&gdpr_consent=
42 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=69782438-64d8-4384-96fe-f062306c17ab&gdpr=0&gdpr_consent=
Requested by
Host: beforeitsnews.com
URL: https://beforeitsnews.com/
Protocol
H2
Server
207.65.33.82 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 06 Oct 2025 08:31:52 GMT
content-type
image/gif; charset=utf-8
server
nginx

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=69782438-64d8-4384-96fe-f062306c17ab&gdpr=0&gdpr_consent=
content-length
355
date
Mon, 06 Oct 2025 08:31:52 GMT
server
Kestrel
sharethrough
sync.a-mo.net/setuid/ Frame 4A94
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=a6a34444&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D2ef8b3b4-66c6-41f1-bfc4-2546cf36b680%26bidder%3Dsharethrough%2...
  • https://sync.a-mo.net/setuid/sharethrough?uid=904af894-149a-4497-8578-b247d7a2a5ad&gdpr=0
0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid/sharethrough?uid=904af894-149a-4497-8578-b247d7a2a5ad&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D105%26pid%3D5ac2203f073ef46a6856c7b0%26key%3D
Protocol
H2
Server
131.153.206.102 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://prebid.a-mo.net/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 06 Oct 2025 08:31:51 GMT
x-envoy-upstream-service-time
2
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
location
https://sync.a-mo.net/setuid/sharethrough?uid=904af894-149a-4497-8578-b247d7a2a5ad&gdpr=0
content-length
0
magnite
sync.a-mo.net/setuid/ Frame 4A94
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=
  • https://sync.a-mo.net/setuid/magnite?uid=MGEVGWBS-1D-8YAE&gdpr=0
0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid/magnite?uid=MGEVGWBS-1D-8YAE&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D105%26pid%3D5ac2203f073ef46a6856c7b0%26key%3D
Protocol
H2
Server
131.153.206.102 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://prebid.a-mo.net/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 06 Oct 2025 08:31:51 GMT
x-envoy-upstream-service-time
2
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://sync.a-mo.net/setuid/magnite?uid=MGEVGWBS-1D-8YAE&gdpr=0
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
cc2b9026541f49c9c095b4cedfcedb9a
content-length
0
Content-Type
text/html
cookie
cm.adform.net/ Frame 4A94 		35 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D2ef8b3b4-66c6-41f1-bfc4-2546cf36b680%26bidder%3Dadform%26uid%3D%24UID
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D105%26pid%3D5ac2203f073ef46a6856c7b0%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.157.6.230 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://prebid.a-mo.net/

Response headers

access-control-max-age
86400
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
date
Mon, 06 Oct 2025 08:31:53 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
setuid
sea1-sync.a-mo.net/ Frame 4A94
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=adptmx&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D2ef8b3b4-66c6-41f1-bfc4-2546cf36b680%26bidder%3Dyieldmo%26uid%3D%24UID
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=yieldmo&uid=xeh8tmm2z3msCMV1NJb9&gdpr=0&gdpr_consent=
0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=yieldmo&uid=xeh8tmm2z3msCMV1NJb9&gdpr=0&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D105%26pid%3D5ac2203f073ef46a6856c7b0%26key%3D
Protocol
H2
Server
131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://prebid.a-mo.net/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 06 Oct 2025 08:31:51 GMT
x-envoy-upstream-service-time
2
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

location
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=yieldmo&uid=xeh8tmm2z3msCMV1NJb9&gdpr=0&gdpr_consent=
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-length
0
date
Mon, 06 Oct 2025 08:31:52 GMT
content-type
application/json;charset=utf-8
access-control-allow-headers
Cache-Control, Pragma, *
setuid
sea1-sync.a-mo.net/ Frame 4A94
Redirect Chain
  • https://id.a-mx.com/u?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D2ef8b3b4-66c6-41f1-bfc4-2546cf36b680%26bidder%3Damx_com%26uid%3D&A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680...
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=amx_com&uid=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680
0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=amx_com&uid=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D105%26pid%3D5ac2203f073ef46a6856c7b0%26key%3D
Protocol
H2
Server
131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://prebid.a-mo.net/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 06 Oct 2025 08:31:51 GMT
x-envoy-upstream-service-time
1
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

date
Mon, 6 Oct 2025 08:31:51 GMT
location
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=amx_com&uid=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680
content-length
0
setuid
sea1-sync.a-mo.net/ Frame 4A94
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D2ef8b3b4-66c6-41f1-bfc4-2546cf36b680%26bidder%3Dpubmatic%26uid%3D%23PMUID
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
0
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D105%26pid%3D5ac2203f073ef46a6856c7b0%26key%3D
Protocol
H2
Server
131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://prebid.a-mo.net/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 06 Oct 2025 08:31:51 GMT
x-envoy-upstream-service-time
1
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
private,max-age=86400
location
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=pubmatic&uid=3ABE60BE-71E4-4A27-B0F0-11068092B8A8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
160
date
Mon, 06 Oct 2025 08:31:52 GMT
content-type
text/html; charset=utf-8
setuid
sea1-sync.a-mo.net/ Frame 4A94
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D2ef8b3b4-66c6-41f1-bfc4-2546cf36b680%26bidder%3Dappnexus%26uid%3D%24UID
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=appnexus&uid=9028509663433934310
0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=appnexus&uid=9028509663433934310
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D105%26pid%3D5ac2203f073ef46a6856c7b0%26key%3D
Protocol
H2
Server
131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://prebid.a-mo.net/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 06 Oct 2025 08:31:51 GMT
x-envoy-upstream-service-time
1
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

cache-control
no-store, no-cache, private
location
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=appnexus&uid=9028509663433934310
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
103.25.57.133; 103.25.57.133; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
f9887267-2921-4fb3-a25c-f24ecbf0a990
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 06 Oct 2025 08:31:52 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
setuid
sea1-sync.a-mo.net/ Frame 4A94
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D2ef8b3b4-66c6-41f1-bfc4-2546cf36b680%26bidder%3Dsovrn%26uid%3D%24UID
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=sovrn&uid=LdIfALZHok1ddZVoSvevfFGO
0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=sovrn&uid=LdIfALZHok1ddZVoSvevfFGO
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D105%26pid%3D5ac2203f073ef46a6856c7b0%26key%3D
Protocol
H2
Server
131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://prebid.a-mo.net/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 06 Oct 2025 08:31:51 GMT
x-envoy-upstream-service-time
1
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

location
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=sovrn&uid=LdIfALZHok1ddZVoSvevfFGO
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
content-length
0
date
Mon, 06 Oct 2025 08:31:52 GMT
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type
setuid
sea1-sync.a-mo.net/ Frame 4A94
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D2ef8b3b4-66c6-41f1-bfc4-2546cf36b680%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=openx&uid=74e7ffea-3394-4a95-b1bb-09a7683f987e
0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=openx&uid=74e7ffea-3394-4a95-b1bb-09a7683f987e
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1759739510429-172025073148-000637-009-003921%26biddername%3D105%26pid%3D5ac2203f073ef46a6856c7b0%26key%3D
Protocol
H2
Server
131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://prebid.a-mo.net/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 06 Oct 2025 08:31:51 GMT
x-envoy-upstream-service-time
1
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

cache-control
private, max-age=0, no-cache, must-revalidate
location
https://sea1-sync.a-mo.net/setuid?A=2ef8b3b4-66c6-41f1-bfc4-2546cf36b680&bidder=openx&uid=74e7ffea-3394-4a95-b1bb-09a7683f987e
pragma
no-cache
x-forwarded-for
103.25.57.133
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 06 Oct 2025 08:31:52 GMT
vary
Origin
v3
id5-sync.com/gm/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
c8a6cad051b6662ed5b453114a4331ea374e8c6a0b7d8654d0145e50d1a696be
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://beforeitsnews.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://beforeitsnews.com
p3p
CP="CAO PSA OUR"
date
Mon, 06 Oct 2025 08:31:52 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
truncated
/ Frame FD82 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame FD82 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image